urlscan.io logo urlscan.io
SecurityTrails logo

www.mirror.in.th Open in urlscan Pro
178.208.83.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Effective URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Submission: On April 13 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 93 HTTP transactions. The main IP is 178.208.83.40, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, Moscow, Russia, RU. The main domain is www.mirror.in.th.
This is the only time www.mirror.in.th was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    178.208.83.40 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU)
PTR: s4.h.mchost.ru
mirror.in.th
www.mirror.in.th
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
2    2a03:2880:f012:10c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3036::ac43:b0c2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.currency.wiki
3    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru
counter.yadro.ru
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
24    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
26 www.mirror.in.th www.mirror.in.th
24 tpc.googlesyndication.com www.mirror.in.th
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.mirror.in.th
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com www.mirror.in.th
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 www.google.com 2 redirects googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 counter.yadro.ru 2 redirects www.mirror.in.th
3 www.currency.wiki www.mirror.in.th
www.currency.wiki
2 code.jquery.com www.currency.wiki
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 connect.facebook.net www.mirror.in.th
connect.facebook.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com www.mirror.in.th
1 mirror.in.th 1 redirects
93 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.liveinternet.ru
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
mirror.in.th
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-10 -
2021-07-10		 a year crt.sh
counter.yadro.ru
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 13 frames:

Primary Page: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Frame ID: 8B64A0FCE99C0A698EAF71085348B9CA
Requests: 47 HTTP requests in this frame

Frame: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
Frame ID: A343E5A0778D0BA2A32388DD8C26B26D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/zrt_lookup.html
Frame ID: 2434B8E07A635328C3EC75B7BCB7FDB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&adk=1812271804&adf=3025194257&lmt=1618290377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&ea=0&flash=0&pra=5&wgl=1&dt=1618290377055&bpp=13&bdt=180&idt=79&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2710399549474&frm=20&pv=2&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=95
Frame ID: CB46BFDA5F53850EFA8FEABC04AD1B60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Frame ID: 2E35D595CFA94A04C12F1226D24AA28A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Frame ID: B39AC0437E11C3A76F02D2AE9CFD933F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Frame ID: 5345D9D44FF35EF94D8BB4304EAD7240
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZIo8ySZ1YIe6EZqq3gON8YX4C8uZkvFhhOKig4YOn9WYz9oZEAEg3e22D2CVAqABn-fS-QLIAQmpAvxtDBIE_bM-qAMByANIqgSJAk_QyNUkGAbuZQ9soGsw21zXSU1c7_Ni0iDQ1euu9nwPxxcaLN63kZ9QxhLey1A6HlgoW6nJmq-iohJzGWqxD1ULg_Isq_6RSL8mS4xZvwmfUgU6vEdV1ub9C5VSy2ByKNrMHlCPNtKxF0NvAZoEkBsW5PuvE5cA1kn60ygPKDRDXQi2Q1MbnnvFkJUKiQOdUrmuM9z-06rctdLnuzDsAjC5R7mBjuOgtL3yioUF9NetwjSajSRtolCjaCsN3ev4BVxdhS1i1PquZCPUB9uVUUmE7O7Pw-Yjx2FZB6RdOl9kRbbYkCEWghz1llvjjrd2lbxFPKkAZGTB_bjyY0mfnKigXs5XXavT6Z7ABNfx7rWwA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJmK2GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDIgGrSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODQ4OTM3MjI2Mzc4ODg1Mw&sigh=eGBSEN3zvbo&template_id=419&tpd=AGWhJmvhTcTtfdnlh2ZrUSdDukwDrdJvvO7xBs0eaWcYzgThUQ
Frame ID: C04C75E33806DF21AD6808CC5C925FE9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 199824987DE87BD05DD29D85DC3708FC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html
Frame ID: C2BCC0A3A4C4026AA658D559B78BA993
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CdeA2ySZ1YML0EY-GjuwPuduyyArLmZLxYfTjooOGDp_VmM_aGRABIN3ttg9glQKgAZ_n0vkCyAEJqQL8bQwSBP2zPqgDAcgDSKoEjwJP0PrWPqqszrwFN2sA13WqKWvVZ8_07v-cysaOKM32dqE2-zWagi6ZthRUsOSwqKFPHo3q6WY7weGt2kmRVs4ogvng0qvS-IcSAaIniO_V34bZAynrV4F8YlPRAvpFVkotOsQTGUNkpBYQ3vJp7aH40rCIWNkSkr0Rtm_91EsDL6lsJULeBdCL080dysjhmdg70mcdPqRoJVA2TgmlAVEzWc9bITQ6FvBUyTRyU_2lZnsZ3F_U13IpD4KVJ5qSeZ8cKUkK9t5Xs9V1LoEhhbyvnz27yCO4HdDRUBaY6sgNWhZgbe4Koanhz87UNykwUu_AGExHx7NjWm1LW8lR058aqyMFLsKHVxqMrVb-jp70wATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ28BA0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTg0ODkzNzIyNjM3ODg4NTM&sigh=IMcL5teVxUU&template_id=419&tpd=AGWhJmsuYWCVROQPvEZRsflITqV1l6dGXBrXAJEcPSMkMsJArA
Frame ID: 16564E4A3A01DAF0B5682FC6FC05F182
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 45BB25DC651202A8232D4FBAD9E97576
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: AF33A218C50B151EBBC974D7050DAE5B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb HTTP 301
    http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

93
Requests

67 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1073 kB
Transfer

2509 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb HTTP 301
    http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://connect.facebook.net/th_TH/sdk.js HTTP 307
  • https://connect.facebook.net/th_TH/sdk.js
Request Chain 34
  • http://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20-%20mirror.in.th%20%u2013%20%u0E40%u0E27%u0E47%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E14%u0E48%u0E27%u0E19%u0E21%u0E32%u0E01%u0E41%u0E1A%u0E1A%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E09%u0E38%u0E01%u0E40%u0E09%u0E34%u0E19%u0E44%u0E14%u0E49%u0E08%u0E23%u0E34%u0E07%u0E41%u0E25%u0E30%u0E2A%u0E34%u0E19%u0E40%u0E0A%u0E37%u0E48%u0E2D%u0E01%u0E31%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E1A%u0E31%u0E15%u0E23%u0E01%u0E14%u0E40%u0E07%u0E34%u0E19%u0E2A%u0E14%u0E44%u0E21%u0E48%u0E21%u0E35%u0E2A%u0E25%u0E34%u0E1B%u0E40%u0E07%u0E34%u0E19%u0E40%u0E14%u0E37%u0E2D%u0E19%u0E43%u0E19%202021/2564;0.6535896628613769 HTTP 302
  • https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20-%20mirror.in.th%20%u2013%20%u0E40%u0E27%u0E47%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E14%u0E48%u0E27%u0E19%u0E21%u0E32%u0E01%u0E41%u0E1A%u0E1A%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E09%u0E38%u0E01%u0E40%u0E09%u0E34%u0E19%u0E44%u0E14%u0E49%u0E08%u0E23%u0E34%u0E07%u0E41%u0E25%u0E30%u0E2A%u0E34%u0E19%u0E40%u0E0A%u0E37%u0E48%u0E2D%u0E01%u0E31%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E1A%u0E31%u0E15%u0E23%u0E01%u0E14%u0E40%u0E07%u0E34%u0E19%u0E2A%u0E14%u0E44%u0E21%u0E48%u0E21%u0E35%u0E2A%u0E25%u0E34%u0E1B%u0E40%u0E07%u0E34%u0E19%u0E40%u0E14%u0E37%u0E2D%u0E19%u0E43%u0E19%202021/2564;0.6535896628613769 HTTP 302
  • https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20-%20mirror.in.th%20%u2013%20%u0E40%u0E27%u0E47%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E14%u0E48%u0E27%u0E19%u0E21%u0E32%u0E01%u0E41%u0E1A%u0E1A%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E09%u0E38%u0E01%u0E40%u0E09%u0E34%u0E19%u0E44%u0E14%u0E49%u0E08%u0E23%u0E34%u0E07%u0E41%u0E25%u0E30%u0E2A%u0E34%u0E19%u0E40%u0E0A%u0E37%u0E48%u0E2D%u0E01%u0E31%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E1A%u0E31%u0E15%u0E23%u0E01%u0E14%u0E40%u0E07%u0E34%u0E19%u0E2A%u0E14%u0E44%u0E21%u0E48%u0E21%u0E35%u0E2A%u0E25%u0E34%u0E1B%u0E40%u0E07%u0E34%u0E19%u0E40%u0E14%u0E37%u0E2D%u0E19%u0E43%u0E19%202021/2564;0.6535896628613769
Request Chain 63
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/
Redirect Chain
  • http://mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
  • http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
75 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx / PHP/7.1.21
Resource Hash
f7380f19ae51b5ee7cefd839677ff86e5a0a1da011150584b4706251b2e61e7a

Request headers

Host
www.mirror.in.th
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Vary
Accept-Encoding
X-Powered-By
PHP/7.1.21
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://www.mirror.in.th/wp-json/>; rel="https://api.w.org/"
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=5
X-Powered-By
PHP/7.1.21
Expires
Tue, 13 Apr 2021 06:06:16 GMT
Cache-Control
max-age=3600
X-Redirect-By
WordPress
Location
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
css
fonts.googleapis.com/ 		63 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Kanit:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6d92bc60b0e246165c3be165ac9e6a75a078258565e91669135f36ce0ea6830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 13 Apr 2021 05:06:16 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Tue, 13 Apr 2021 05:06:16 GMT
style.min.css
www.mirror.in.th/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 03:14:49 GMT
Server
nginx
ETag
W/"5fadfa29-d293"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
www.mirror.in.th/wp-content/plugins/Contact-Form-7-Range-Slider-Extender-master/css/ 		214 B
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/Contact-Form-7-Range-Slider-Extender-master/css/styles.css?ver=5.5.3
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
2e962b5f7f6f0418d10f095ae0f5e8e69fccdfc1f20a674ce0e6f6ac345752c8

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Last-Modified
Sat, 02 May 2020 21:15:18 GMT
Server
nginx
ETag
"5eade2e6-d6"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
214
Expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
www.mirror.in.th/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.9
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 May 2020 09:21:35 GMT
Server
nginx
ETag
W/"5ed2259f-6d2"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cf7msm.css
www.mirror.in.th/wp-content/plugins/contact-form-7-multi-step-module/resources/ 		100 B
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/contact-form-7-multi-step-module/resources/cf7msm.css?ver=4.0.7
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
87a003cf9e8a3c4bd9a64c68129a5a9712522f3ab6f6d8f1dd9a68bc6698eae0

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Last-Modified
Mon, 05 Oct 2020 14:16:44 GMT
Server
nginx
ETag
"5f7b2acc-64"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
100
Expires
Thu, 31 Dec 2037 23:55:55 GMT
seed-social.css
www.mirror.in.th/wp-content/plugins/seed-social/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/seed-social/seed-social.css?ver=5.5.3
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
343a31cf03a38a641dab0a2b6998a8f7b6664e95a0c6af7b0676665972e8b416

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 05:27:05 GMT
Server
nginx
ETag
W/"5fae1929-25cc"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
www.mirror.in.th/wp-content/plugins/taxonomy-images/css/ 		447 B
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 May 2020 17:48:12 GMT
Server
nginx
ETag
W/"5eb2f85c-1bf"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.mirror.in.th/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 		438 B
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.11
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 05:32:09 GMT
Server
nginx
ETag
W/"5fae1a59-1b6"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
screen.min.css
www.mirror.in.th/wp-content/plugins/easy-table-of-contents/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.11
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
d8faea6e218910bf83cd1e7fe9775b3b75195df3c16a3f4eea74b75f9b881dce

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 05:32:09 GMT
Server
nginx
ETag
W/"5fae1a59-13b8"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
unsemantic-grid.min.css
www.mirror.in.th/wp-content/themes/lalita/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/css/unsemantic-grid.min.css?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-3107"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
www.mirror.in.th/wp-content/themes/lalita/ 		48 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/style.min.css?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
2dac88aee48ea7751b5f245a682f544de72c5572208f0396c30ea1ca22207e4b

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Dec 2020 15:45:02 GMT
Server
nginx
ETag
W/"5fcf9f7e-be72"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
mobile.min.css
www.mirror.in.th/wp-content/themes/lalita/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/css/mobile.min.css?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
e21beb66b137cd5016dba92f01a9ca2283c2a1e2c06572367103817199ab9c7b

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-1762"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
www.mirror.in.th/wp-content/themes/lalita/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/css/font-awesome.min.css?ver=5.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-7918"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
www.mirror.in.th/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 03:14:08 GMT
Server
nginx
ETag
W/"5fadfa00-17a69"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2e177830a5036b9aedc8dad8d69cd5dd4e9d0e72875d88b442b81b8088ee577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48396
x-xss-protection
0
server
cafe
etag
16994672417906242137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Apr 2021 05:06:16 GMT
logotheone.png
www.mirror.in.th/wp-content/uploads/2020/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mirror.in.th/wp-content/uploads/2020/11/logotheone.png
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
b554671ab1684f9a43cb7266fd45c3a531db503ff887350ca0d389d43d68899a

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
last-modified
Tue, 05 Jan 2021 15:24:02 GMT
server
nginx
etag
"5ff48492-1f89"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8073
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
www.mirror.in.th/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 03:12:41 GMT
Server
nginx
ETag
W/"5fadf9a9-37a6"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
www.mirror.in.th/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.9
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 May 2020 09:21:35 GMT
Server
nginx
ETag
W/"5ed2259f-3923"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cf7msm.min.js
www.mirror.in.th/wp-content/plugins/contact-form-7-multi-step-module/resources/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/contact-form-7-multi-step-module/resources/cf7msm.min.js?ver=4.0.7
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
efffa60902896ad8ce90034c4b8544a2b25d9794134af7f9b6c90ed4e4f8a7f0

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 14:16:44 GMT
Server
nginx
ETag
W/"5f7b2acc-1120"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
seed-social.js
www.mirror.in.th/wp-content/plugins/seed-social/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/plugins/seed-social/seed-social.js?ver=2016-1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
c32cd8708a0aed879977869bb1f6dbbfa34e0a52335b2a0c88091d4d9326f165

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 05:27:05 GMT
Server
nginx
ETag
W/"5fae1929-14b6"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
menu.min.js
www.mirror.in.th/wp-content/themes/lalita/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/js/menu.min.js?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
8a3a03898f0f6b6db74de0d56cc821ae7295d67d31a22b59a7c16eaa2daacd65

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-1089"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
a11y.min.js
www.mirror.in.th/wp-content/themes/lalita/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/js/a11y.min.js?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
be20de3a75c920215ec4a03716f1f865c19e75229ce4f4d1a0f99739ee1b0e07

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-87d"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation-search.min.js
www.mirror.in.th/wp-content/themes/lalita/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/js/navigation-search.min.js?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
ca92a1432ce7addce0ffe6d4f6e2941673dcdd929c3ae71928416e044ae4f5fa

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-862"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
back-to-top.min.js
www.mirror.in.th/wp-content/themes/lalita/js/ 		688 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/js/back-to-top.min.js?ver=1.1.1
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
97b0276c1d6ad342eb71280685c69628b2c07cf613a763e872d527faafc0e416

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
W/"5f7b0f80-2b0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
www.mirror.in.th/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 03:12:41 GMT
Server
nginx
ETag
W/"5fadf9a9-59a"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.js
connect.facebook.net/th_TH/
Redirect Chain
  • http://connect.facebook.net/th_TH/sdk.js
  • https://connect.facebook.net/th_TH/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44b8ddbdc890416292fdc331d4b0d0709dc750985f92f43536986faa4076501c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+njsbzf0Tz0wuRupVG+Oww==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
XuYHLr5c0/n5o+qfXX7LFqNUvP5Hm37AAuGSg26IwcSRMNfjJ3H2lA+A5ypyLRl3b+kM8X7IdAgOLYvLJyLxHQ==
x-fb-trip-id
1512268381
x-fb-content-md5
37f4b3f29401d9d25add1e40bfb3c363
x-frame-options
DENY
date
Tue, 13 Apr 2021 05:06:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"97af1ace126074b0b018f63120120a99"
timing-allow-origin
*
expires
Tue, 13 Apr 2021 05:17:04 GMT

Redirect headers

Location
https://connect.facebook.net/th_TH/sdk.js#xfbml=1&version=v2.0
Non-Authoritative-Reason
HSTS
rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx / PHP/7.1.21
Resource Hash
2992b13039e6f3321baf946526a5e87ac0348d71909d2608a9c0c8eea7fcbf86

Request headers

Referer
http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:17 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.1.21
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Link
<https://www.mirror.in.th/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=5
Expires
Wed, 11 Jan 1984 05:00:00 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Kanit:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.mirror.in.th
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 11 Apr 2021 10:03:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:47 GMT
Server
sffe
Age
154957
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14880
X-XSS-Protection
0
Expires
Mon, 11 Apr 2022 10:03:39 GMT
wpkoi.woff2
www.mirror.in.th/wp-content/themes/lalita/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.mirror.in.th/wp-content/themes/lalita/fonts/wpkoi.woff2
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/wp-content/themes/lalita/style.min.css?ver=1.1.1
Protocol
HTTP/1.1
Server
178.208.83.40 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
s4.h.mchost.ru
Software
nginx /
Resource Hash
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Origin
http://www.mirror.in.th
Referer
http://www.mirror.in.th/wp-content/themes/lalita/style.min.css?ver=1.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 05:06:16 GMT
Last-Modified
Mon, 05 Oct 2020 12:20:16 GMT
Server
nginx
ETag
"5f7b0f80-4f0"
Content-Type
application/octet-stream
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1264
Expires
Thu, 31 Dec 2037 23:55:55 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Kanit:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.mirror.in.th
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 02:03:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Nov 2020 02:44:23 GMT
Server
sffe
Age
442974
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
19088
X-XSS-Protection
0
Expires
Fri, 08 Apr 2022 02:03:22 GMT
nKKU-Go6G5tXcr4WPBWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v7/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr4WPBWzVaF5NQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Kanit:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4b56bba8e2c262f1b78006ecb414fc8454576dd594ec9a58c1f0946fc63e370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.mirror.in.th
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 22:18:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 01 Sep 2020 04:20:09 GMT
Server
sffe
Age
456459
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13764
X-XSS-Protection
0
Expires
Thu, 07 Apr 2022 22:18:37 GMT
embed
www.currency.wiki/widget/ Frame A343 		80 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b0c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bbc433c7f40e466a9a9d90f036b4989cb2296919aaddad12fe6c1a979e9f2bf

Request headers

:method
GET
:authority
www.currency.wiki
:scheme
https
:path
/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d75485c9c26c39e0779f3494ae13f212b1618290377; expires=Thu, 13-May-21 05:06:17 GMT; path=/; domain=.currency.wiki; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6InNDcm5aUTFTOVYxVWo3T3A4eTBDY0E9PSIsInZhbHVlIjoicEtzWlFJYnVGVGNzZHpoSXRqc0VXenBQcG1Jbk5yanV5WlB5bS9hU1Ftdm5nU2xEL3dHZm45OGh1dzQ1TXVzdHJPUEhCS1cyUHkwOXNqekdqNXMwZlJGV2tVbWFWRWp0NFQwY2RZeWNZcWtoRjcrZ25GdjlWSWVRWldmc3Z0R3IiLCJtYWMiOiJlZWNjOTNhNjgwZTdhNGU4YmZiYjE2OTU5MzI1ZDk5NDRhNmRlYTA0ZmYyMzdkZWM2ZTFlMzNjNWU2YmM4YWVhIn0%3D; expires=Tue, 13-Apr-2021 07:06:17 GMT; Max-Age=7200; path=/; samesite=lax currencywiki_session=eyJpdiI6InRibmZPeWwwc0xYZlNTbmtJdjNFSmc9PSIsInZhbHVlIjoiaE0ya1NUczlTZkwzQ3RlWFkxbm90T2ZQUHpnZjd2bVJweDYyOTNzWU15TGtVckVJYitEWXVYZ21lTTBpTmRMRkFURWtzcGNlNzAwRGY1b2w3S1pxMWdkSFlzOXpYMjlzTkxTUWJZdnMrNFIvZFE4UUtCdllQeG9tWTYvanpWM2QiLCJtYWMiOiJkZjQ0MzQwMTE0NmE5NzMzMzUwNTU3MmMyZjM3YmI2YjJkOWJmZTFmMDUxNjFiNDVhY2I3YTFjMWU3NjA5NTc4In0%3D; expires=Tue, 13-Apr-2021 07:06:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control
no-cache, private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
096b38995800004d84cb331000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mfv566DNK4BE%2BVqghk%2Bf%2BlnkpyAJtB%2BzrZLuOrtXU%2FpzNa%2BLh4rijYm24bu4s2GjwjzBp7FNCgj44OAEZPa%2Fo8Zm%2FjeaN0AfIpXHANqlcYXfAqIxxZqr2qWgTm5Kcw%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
63f22a088d9f4d84-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Kanit:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic|Nunito:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.mirror.in.th
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 03:32:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:33 GMT
Server
sffe
Age
92051
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9604
X-XSS-Protection
0
Expires
Tue, 12 Apr 2022 03:32:06 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u04...
  • https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0...
  • https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%...
393 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20-%20mirror.in.th%20%u2013%20%u0E40%u0E27%u0E47%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E14%u0E48%u0E27%u0E19%u0E21%u0E32%u0E01%u0E41%u0E1A%u0E1A%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E09%u0E38%u0E01%u0E40%u0E09%u0E34%u0E19%u0E44%u0E14%u0E49%u0E08%u0E23%u0E34%u0E07%u0E41%u0E25%u0E30%u0E2A%u0E34%u0E19%u0E40%u0E0A%u0E37%u0E48%u0E2D%u0E01%u0E31%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E1A%u0E31%u0E15%u0E23%u0E01%u0E14%u0E40%u0E07%u0E34%u0E19%u0E2A%u0E14%u0E44%u0E21%u0E48%u0E21%u0E35%u0E2A%u0E25%u0E34%u0E1B%u0E40%u0E07%u0E34%u0E19%u0E40%u0E14%u0E37%u0E2D%u0E19%u0E43%u0E19%202021/2564;0.6535896628613769
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
08546d488fce714d533594d2eb6480005267aa542f1d16e84bc49b5e381a8ed8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Apr 2021 05:06:17 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
393
Expires
Sun, 12 Apr 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 13 Apr 2021 05:06:17 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20-%20mirror.in.th%20%u2013%20%u0E40%u0E27%u0E47%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E14%u0E48%u0E27%u0E19%u0E21%u0E32%u0E01%u0E41%u0E1A%u0E1A%u0E40%u0E07%u0E34%u0E19%u0E01%u0E39%u0E49%u0E09%u0E38%u0E01%u0E40%u0E09%u0E34%u0E19%u0E44%u0E14%u0E49%u0E08%u0E23%u0E34%u0E07%u0E41%u0E25%u0E30%u0E2A%u0E34%u0E19%u0E40%u0E0A%u0E37%u0E48%u0E2D%u0E01%u0E31%u0E1A%u0E2A%u0E21%u0E31%u0E04%u0E23%u0E1A%u0E31%u0E15%u0E23%u0E01%u0E14%u0E40%u0E07%u0E34%u0E19%u0E2A%u0E14%u0E44%u0E21%u0E48%u0E21%u0E35%u0E2A%u0E25%u0E34%u0E1B%u0E40%u0E07%u0E34%u0E19%u0E40%u0E14%u0E37%u0E2D%u0E19%u0E43%u0E19%202021/2564;0.6535896628613769
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sun, 12 Apr 2020 21:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
524ab8ce722fd84999ab057cfa8eba4cc8352b38873cb72bfce586bc9e07a5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84040
x-xss-protection
0
server
cafe
etag
6419256952387698069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Apr 2021 05:06:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/ Frame 2434 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210407/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210407/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 12 Apr 2021 22:47:46 GMT
expires
Mon, 26 Apr 2021 22:47:46 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
22711
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		202 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.mirror.in.th&callback=_gfp_s_&client=ca-pub-8489372263788853
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6eaca8706c642d30cd4b619a2050ffa098f10d419d4a7a38e45d8895e28bbb8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mirror.in.th
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mirror.in.th
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB46 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&adk=1812271804&adf=3025194257&lmt=1618290377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&ea=0&flash=0&pra=5&wgl=1&dt=1618290377055&bpp=13&bdt=180&idt=79&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2710399549474&frm=20&pv=2&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a40502d62feec710025eaf5a6686562d03a9a8bcede64f8e24c55dee0d2d901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8489372263788853&output=html&adk=1812271804&adf=3025194257&lmt=1618290377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&ea=0&flash=0&pra=5&wgl=1&dt=1618290377055&bpp=13&bdt=180&idt=79&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2710399549474&frm=20&pv=2&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Apr 2021 05:06:17 GMT
server
cafe
content-length
883
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Apr-2021 05:21:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Apr 2021 05:06:17 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988871915048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28262
x-xss-protection
0
expires
Tue, 13 Apr 2021 05:06:17 GMT
api.js
www.currency.wiki/cdn-cgi/bm/cv/669835187/ Frame A343 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.currency.wiki/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b0c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aQUebQZR%2BIdugKsA0bHEY3PbJgEz11Bn0053AT1jFbZuB%2FcQ0psPuMsRbfHlgzM%2F9HyMmLtei%2FGddouq2SgB2sFwBqXQGlzJ9FdGOxrblSNgUIY1NcHAtCfQ%2F6tv7g%3D%3D"}]}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
63f22a098f8d4d84-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096b3899f700004d84f792d000000001
jquery-1.12.0.min.js
code.jquery.com/ Frame A343 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.0.min.js
Requested by
Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

Referer
https://www.currency.wiki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 19:57:42 GMT
server
nginx
etag
W/"569014b6-17c52"
vary
Accept-Encoding
x-hw
1618290377.dop201.fr8.t,1618290377.cds219.fr8.hn,1618290377.cds284.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33820
jquery-migrate-1.2.1.min.js
code.jquery.com/ Frame A343 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: www.currency.wiki
URL: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://www.currency.wiki/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
W/"54499a48-1c1f"
vary
Accept-Encoding
x-hw
1618290377.dop201.fr8.t,1618290377.cds219.fr8.hn,1618290377.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mirror.in.th
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mirror.in.th
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E35 		108 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d18a96a16ad3a6a28a35f0ad1f8ed8be0c4e60550ad3aa4cacd9b65a1bf2424
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfC07i5-u8CFRqVdwodjXgBvw&gqi=ySZ1YMiCEZKk3wOj8pSYBQ&layout=/sadbundle/%24csp%253Der3%24/10720351998250112385/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfC07i5-u8CFRqVdwodjXgBvw&gqi=ySZ1YMiCEZKk3wOj8pSYBQ&layout=/sadbundle/%24csp%253Der3%24/10720351998250112385/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Apr 2021 05:06:17 GMT
server
cafe
content-length
36186
x-xss-protection
0
set-cookie
IDE=AHWqTUmIH-_OGq9W8xfub_boHbk1EmUP9Z6fdOmIPAKlWF_hmaSPhJET8hYht3LhJN8; expires=Sun, 08-May-2022 05:06:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Apr 2021 05:06:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B39A 		107 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
236161370ec57bc8eaa893a9094cf0e2cfc85f333ec3742de41e4e50af7f2426
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIL907i5-u8CFQ-Dgwcdua0MqQ&gqi=ySZ1YMe3EZTd3wPq6ZPYCg&layout=/sadbundle/%24csp%253Der3%24/18061461920401464292/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIL907i5-u8CFQ-Dgwcdua0MqQ&gqi=ySZ1YMe3EZTd3wPq6ZPYCg&layout=/sadbundle/%24csp%253Der3%24/18061461920401464292/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Apr 2021 05:06:17 GMT
server
cafe
content-length
36031
x-xss-protection
0
set-cookie
IDE=AHWqTUkTIHuvGS2EcoR8A8k55c9rqS2oQjmesGRi83Wg-b2SftZzs2SQySaUzaXjvnM; expires=Sun, 08-May-2022 05:06:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Apr 2021 05:06:17 GMT
cache-control
private
sdk.js
connect.facebook.net/th_TH/ 		217 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js?hash=fd2fdf91bbf376288e876925c91a78f3&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/th_TH/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2b9842aa1fe82f73d4f20ac8bb1d8682590e36c6efe25632976b98aab47ff417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://www.mirror.in.th
Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CgLWd1iJKoUIU1zB7HNkAA==
cross-origin-resource-policy
cross-origin
expires
Wed, 13 Apr 2022 04:57:14 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65555
x-fb-rlafr
0
x-fb-debug
R6tKf6eo/Si1xLOpB9fBjwxa+vOdSWV7m1SJMk5UtjPq0fWtHhld2rwYLx4lPN5+5TMTSxCHuApOm0u5HwM4gg==
x-fb-trip-id
1512268381
x-fb-content-md5
98cfb7eec1221542860e02406723e301
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 13 Apr 2021 05:06:17 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"eea33ed86b1a5f900226b3aae7634b26"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
result
www.currency.wiki/cdn-cgi/bm/cv/ Frame A343 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.currency.wiki/cdn-cgi/bm/cv/result?req_id=63f22a088d9f4d84
Requested by
Host: www.currency.wiki
URL: https://www.currency.wiki/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b0c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I0kNf4Kt2l6hKsksg6HD5X92ljx2otT15WJjuZlddEnanJp8lprprWSw9R%2FuMvrqvqTyXXpg1jCQ%2Fhk0f6YPwGYZBjW7r1ldqQXNel%2F1dueod3I%2BqOUtynsWiz3Nig%3D%3D"}]}
cf-ray
63f22a0a795c4d84-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096b389a8a00004d84959ac000000001
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		62 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
def51a725fcbf670ed1ca1d44fdfaea4ba74f4ed993d59fd28e8e35d88d2190e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/10720351998250112385/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 06 Apr 2021 15:19:47 GMT
expires
Wed, 06 Apr 2022 15:19:47 GMT
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16675
age
567990
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame C04C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZIo8ySZ1YIe6EZqq3gON8YX4C8uZkvFhhOKig4YOn9WYz9oZEAEg3e22D2CVAqABn-fS-QLIAQmpAvxtDBIE_bM-qAMByANIqgSJAk_QyNUkGAbuZQ9soGsw21zXSU1c7_Ni0iDQ1euu9nwPxxcaLN63kZ9QxhLey1A6HlgoW6nJmq-iohJzGWqxD1ULg_Isq_6RSL8mS4xZvwmfUgU6vEdV1ub9C5VSy2ByKNrMHlCPNtKxF0NvAZoEkBsW5PuvE5cA1kn60ygPKDRDXQi2Q1MbnnvFkJUKiQOdUrmuM9z-06rctdLnuzDsAjC5R7mBjuOgtL3yioUF9NetwjSajSRtolCjaCsN3ev4BVxdhS1i1PquZCPUB9uVUUmE7O7Pw-Yjx2FZB6RdOl9kRbbYkCEWghz1llvjjrd2lbxFPKkAZGTB_bjyY0mfnKigXs5XXavT6Z7ABNfx7rWwA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJmK2GAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDIgGrSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODQ4OTM3MjI2Mzc4ODg1Mw&sigh=eGBSEN3zvbo&template_id=419&tpd=AGWhJmvhTcTtfdnlh2ZrUSdDukwDrdJvvO7xBs0eaWcYzgThUQ
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 13 Apr 2021 05:06:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame C04C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
3769647970510480794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 05:03:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame C04C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 05:01:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C04C 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Tue, 13 Apr 2021 05:06:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame C04C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 05:00:23 GMT
l
www.google.com/ads/measurement/ Frame C04C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxIEcVAFXafxO1CIvuJ-MrJJzeEVKQZ4ZqlYWrBjuQ2GSXH59JMClZ0dM6VBrpNzKQEP_QmSLsolVqetMIMtIvrbdBUQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1998 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmIH-_OGq9W8xfub_boHbk1EmUP9Z6fdOmIPAKlWF_hmaSPhJET8hYht3LhJN8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 13 Apr 2021 04:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2572
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame C04C 		0
433 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMfC07i5-u8CFRqVdwodjXgBvw&gqi=ySZ1YMiCEZKk3wOj8pSYBQ&layout=/sadbundle/%24csp%253Der3%24/10720351998250112385/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 05:06:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5345 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Apr 2021 01:08:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5345 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Apr 2021 18:54:37 GMT
truncated
/ Frame C04C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d48d99ae252bc67b006d50e02db7f6aa76165d7e5054796904c1071f12fd6b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1998
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=600&adk=1911123662&adf=1198547945&pi=t.aa~a.2527645129~rp.3&w=240&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=240x600&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1618290377258&bpp=2&bdt=383&idt=-M&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1100&ady=1269&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kf8GHU1TlV&p=http%3A//www.mirror.in.th&dtd=11
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmIH-_OGq9W8xfub_boHbk1EmUP9Z6fdOmIPAKlWF_hmaSPhJET8hYht3LhJN8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 13 Apr 2021 05:06:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 13-Apr-2021 06:06:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Apr 2021 05:06:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 13 Apr 2021 05:06:17 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame 5345 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 12:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
145943
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Mon, 11 Apr 2022 12:33:54 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/cta_DE.png
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 06 Apr 2021 15:19:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:19:47 GMT
fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fechas_vertical_DE.png
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 06 Apr 2021 15:19:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:19:47 GMT
experiencia_vertical_DE_3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/experiencia_vertical_DE_3.png
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15206
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 06 Apr 2021 15:19:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:19:47 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/summercamp_vertical_DE.png
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 06 Apr 2021 15:19:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:19:47 GMT
fondo300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/ Frame 5345 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10720351998250112385/fondo300x600.jpg
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68f96405ee7361a1d6c8f0749d87ae10e5d2c10c76330d1eb23b92c11a875603
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88114
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:33:45 GMT
server
sffe
date
Tue, 06 Apr 2021 15:19:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:19:47 GMT
truncated
/ Frame 5345 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c21b52cae73bd0405eac4f1fd6f979491f5053bfc385d84cd3c4b45bb4fcf3a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/18061461920401464292/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 06 Apr 2021 15:06:26 GMT
expires
Wed, 06 Apr 2022 15:06:26 GMT
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16683
age
568791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 1656 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdeA2ySZ1YML0EY-GjuwPuduyyArLmZLxYfTjooOGDp_VmM_aGRABIN3ttg9glQKgAZ_n0vkCyAEJqQL8bQwSBP2zPqgDAcgDSKoEjwJP0PrWPqqszrwFN2sA13WqKWvVZ8_07v-cysaOKM32dqE2-zWagi6ZthRUsOSwqKFPHo3q6WY7weGt2kmRVs4ogvng0qvS-IcSAaIniO_V34bZAynrV4F8YlPRAvpFVkotOsQTGUNkpBYQ3vJp7aH40rCIWNkSkr0Rtm_91EsDL6lsJULeBdCL080dysjhmdg70mcdPqRoJVA2TgmlAVEzWc9bITQ6FvBUyTRyU_2lZnsZ3F_U13IpD4KVJ5qSeZ8cKUkK9t5Xs9V1LoEhhbyvnz27yCO4HdDRUBaY6sgNWhZgbe4Koanhz87UNykwUu_AGExHx7NjWm1LW8lR058aqyMFLsKHVxqMrVb-jp70wATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ28BA0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTg0ODkzNzIyNjM3ODg4NTM&sigh=IMcL5teVxUU&template_id=419&tpd=AGWhJmsuYWCVROQPvEZRsflITqV1l6dGXBrXAJEcPSMkMsJArA
Requested by
Host: www.mirror.in.th
URL: http://www.mirror.in.th/ubuntu/pool/universe/r/rsyslog/rsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 13 Apr 2021 05:06:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/ Frame 1656 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
3769647970510480794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 05:03:38 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1656 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 04:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
788
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 04:53:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1656 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Tue, 13 Apr 2021 05:06:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/ Frame 1656 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210407/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 05:00:23 GMT
l
www.google.com/ads/measurement/ Frame 1656 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIMu5Sj6SjHXLBGMDARhK5FAKEz_FohemdJGvJS0wodhfkLBBfw-8NSXXrGr_0A6PQIcBiO5AXJuskFvtnUrK17UNAFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame 45BB 		143 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkTIHuvGS2EcoR8A8k55c9rqS2oQjmesGRi83Wg-b2SftZzs2SQySaUzaXjvnM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 13 Apr 2021 04:23:25 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2572
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1656 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIL907i5-u8CFQ-Dgwcdua0MqQ&gqi=ySZ1YMe3EZTd3wPq6ZPYCg&layout=/sadbundle/%24csp%253Der3%24/18061461920401464292/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 05:06:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2BC 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 14 Apr 2021 01:08:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2BC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 18:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 13 Apr 2021 18:54:37 GMT
truncated
/ Frame 1656 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23f41b1c971b3368a875bf75f1fd536fb5ae924349b3796ead199f032c6f7584

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210407&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55af3fdfdc5925d2cf72a57ea07b262827f5e53fd0a0091f8b4543687e020cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6477
x-xss-protection
0
truncated
/ Frame A343 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018e10b5b0a2934f9305885806e671af8f1f66ad6efee6af2d508227942b0a37

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A343 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d24628c01669011268da9e920146b99d3d1687aa0efc5445595116b8a2ab380

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
si
googleads.g.doubleclick.net/pagead/drt/ Frame 45BB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8489372263788853&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1974816263~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1618290377&rafmt=1&to=qs&pwprc=8770163591&psa=0&format=1200x90&url=http%3A%2F%2Fwww.mirror.in.th%2Fubuntu%2Fpool%2Funiverse%2Fr%2Frsyslog%2Frsyslog-gnutls_8.16.0-1ubuntu3.1_i386.deb&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1618290377258&bpp=1&bdt=383&idt=1&shv=r20210407&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x600&nras=3&correlator=2710399549474&frm=20&pv=1&ga_vid=216492135.1618290377&ga_sid=1618290377&ga_hid=161388294&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2606&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44736525%2C44740079&oid=3&pvsid=3117396109949730&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2NGKavAQCU&p=http%3A//www.mirror.in.th&dtd=18
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUkTIHuvGS2EcoR8A8k55c9rqS2oQjmesGRi83Wg-b2SftZzs2SQySaUzaXjvnM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 13 Apr 2021 05:06:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 13-Apr-2021 06:06:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Apr 2021 05:06:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 13 Apr 2021 05:06:17 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210407/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8489372263788853&plah=www.mirror.in.th&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 05:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 13 Apr 2021 05:06:17 GMT
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame C2BC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 12:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
145943
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Mon, 11 Apr 2022 12:33:54 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/cta_DE.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
server
sffe
date
Tue, 06 Apr 2021 15:06:27 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:06:27 GMT
fecha_horiz_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/fecha_horiz_DE.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bb53a58d114d0b517b2409c1fed60d5f4da839a2c756536ef6b9106e7831d8c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11553
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
server
sffe
date
Tue, 06 Apr 2021 15:06:27 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:06:27 GMT
experiencia_horiz_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/experiencia_horiz_DE.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9b4015860e510fa7949c2dad3f004e40d3aaaf6acd36f443dba77dc2762e8c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11625
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
server
sffe
date
Tue, 06 Apr 2021 15:06:27 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:06:27 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/summercamp_vertical_DE.png
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
server
sffe
date
Tue, 06 Apr 2021 15:06:27 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:06:27 GMT
fondo728x90_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/ Frame C2BC 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18061461920401464292/fondo728x90_1.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79649b88e223357ccb014f0b2d30c65923a2834167a845ca2e0e754106bc24b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
568790
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68304
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:34:02 GMT
server
sffe
date
Tue, 06 Apr 2021 15:06:27 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 15:06:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame AF33 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.mirror.in.th/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.mirror.in.th/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 12 Apr 2021 20:39:41 GMT
expires
Tue, 12 Apr 2022 20:39:41 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
30396
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame AF33 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 12:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
145943
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Mon, 11 Apr 2022 12:33:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210407&jk=3117396109949730&bg=!V1SlVBDNAAY56aLOOek7ACkAdvg8WnSZx91NKANNd9V8BUBmasvicdmv4zFz-wTsjcOrgUm373T-zwIAAABFUgAAAAtoAQcKAUenBUpJsHJDgGr-PprqVYokxpdkP3r51X9j4MYGSzVS2jcEbs4UFDLDmqwjt_z5zJ2fe9oZVWGWDFXAy5ALAYrDKgb8KOXAC9O_G-GABWO6aTap0Ioksewflgec-dD2d0CmFRE9zupgJpOxDRBQWgzw7NFWRzDz5x79mdjvH20qYsYwha9ysiRQaTbY5OxKCHyD8yxctLlFIyQ_0ki_Q8MpR32bkhYFeocQNGcNHlx-qK7WLqYWVUNqfNE6Nb7mxLaGhR2ueBPkJrTcOmliAmZNgNi8cADtn6qahL13b79Mx6RszvNSOe33NGO5FlSrZ0DUcjcCZahUeAitnbmU_panjqashMyC7ptLxpbnROrYW9oby2lYVspaUF_W2718co1vp-6Rm0cM1Qu2V0lYd32AXrIWQMrIXIcbexo6yZvBpjR6z0rDThCZAdJBQjeSVtQE1zPs7Ai2nzwe4BPdMKiMRLAMf-mbyEmlO9giETKtshFMaydKWmfVQVz-YAFKRTeVCQtlGN8qd1j1nznr6T1yV5DvDbZ_XAdKgoZlbMX29DvviFtwh509-dAYvRIaOU9zo-NcBeuqyF7mqT6M5KrpoBK_oaQC8KyD9J_UYMhqvVbwQKoG_8kElxouQz35JQds9CY33gibY-11P7Z_qc8LyYMxvMH1h-z3oZVeIUT6Hekt9QKL-TKBomKU8lEDN9BehX1No9LHQ7bKT4WwyKRdLZHWvINpXtiOZhaf4MXfixOcPHide9-ihpFqV6wGx-FmiV0o17yVQvt8n48dj8uQ9dCb7Faz4bCKruoKa1RjpHY1XkoxeJf4GfJLZutLGPpAeln5zYZRFqiDKg15qjxcM79YgpFYF81AdgP1mpvyIhujhRuUhLuSnrFEAqFe_-yqyp0D2KkHfu9XYngduXA_wkLl7_XU3ImK8DDB5r7-ZLyv6NIDefaM8worxDdWUH5_aK1t0nf8S0-ZKRY5UBc7GLXVhTKRFSzBE1YzUL0kfU13IBvm7Zf23W1b-1MyinAz0I24G6O4KgW638D8iPuxZQh_4NOcBWytHz6a
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 05:06:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8489372263788853&su=www.mirror.in.th&doc=complete&pg_h=2866&pg_w=1600&pg_hs=2866&c=0&aa_c=2&av_h=345&av_w=920&av_a=144000&all_s=737&all_b=170&d=0&all_d=0.241&ard=0&all_ard=0.063&dt=d
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mirror.in.th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Apr 2021 05:06:18 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| wc function| widgetTrigger object| wpcf7 object| cf7msm_posted_data function| cf7msm_uniqueArray function| cf7msm_hasSS function| quoteattr function| escapeattr undefined| cf7msm_ss object| passfield undefined| uri undefined| passencrypt undefined| url undefined| fbcount undefined| fbRawCount undefined| fbNumCount undefined| request object| seedButtons function| passdecrypt object| wp object| twemoji object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_lpabyc object| FB object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.currency.wiki/ Name: __cf_bm
Value: 0cbea540d800ee3b93da314de5bc533bd17a95b7-1618290377-1800-AboKzm7ZgZwZbGG3+Vq9aN2iw/nBYzmZ/oSU75X4FtxLZdy5tov0WZuBGrQbz9VFZ6JBqOM94ePv2QFdF3WSksrxO77NUowWM4LnvKWnGrSnxbZNYZUzG45C3S2yrQ+NpKfRgYVwjphn6MRvcSb0dKc=
.doubleclick.net/ Name: IDE
Value: AHWqTUkTIHuvGS2EcoR8A8k55c9rqS2oQjmesGRi83Wg-b2SftZzs2SQySaUzaXjvnM
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mirror.in.th/ Name: __gads
Value: ID=65ee7e2141a77c82-2295e23d81a70017:T=1618290377:RT=1618290377:S=ALNI_MZi-YGMgAoWIKsU0aqld3evlVr8UQ

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US(Line 1449)
Message:
tm [object Object]
console-api log URL: https://www.currency.wiki/widget/embed?wd=1&f=THB&t=USD&cs=&d=1&tm=1618290376&lang=en-US(Line 1800)
Message:
hererer widget show

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mirror.in.th
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.currency.wiki
www.google.com
www.googletagservices.com
www.mirror.in.th
142.250.185.66
178.208.83.40
2001:4de0:ac18::1:a:3a
2606:4700:3036::ac43:b0c2
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a03:2880:f012:10c:face:b00c:0:3
88.212.201.210
018e10b5b0a2934f9305885806e671af8f1f66ad6efee6af2d508227942b0a37
08546d488fce714d533594d2eb6480005267aa542f1d16e84bc49b5e381a8ed8
0a40502d62feec710025eaf5a6686562d03a9a8bcede64f8e24c55dee0d2d901
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d48d99ae252bc67b006d50e02db7f6aa76165d7e5054796904c1071f12fd6b2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
236161370ec57bc8eaa893a9094cf0e2cfc85f333ec3742de41e4e50af7f2426
23f41b1c971b3368a875bf75f1fd536fb5ae924349b3796ead199f032c6f7584
2992b13039e6f3321baf946526a5e87ac0348d71909d2608a9c0c8eea7fcbf86
2b9842aa1fe82f73d4f20ac8bb1d8682590e36c6efe25632976b98aab47ff417
2dac88aee48ea7751b5f245a682f544de72c5572208f0396c30ea1ca22207e4b
2e962b5f7f6f0418d10f095ae0f5e8e69fccdfc1f20a674ce0e6f6ac345752c8
343a31cf03a38a641dab0a2b6998a8f7b6664e95a0c6af7b0676665972e8b416
3d18a96a16ad3a6a28a35f0ad1f8ed8be0c4e60550ad3aa4cacd9b65a1bf2424
44b8ddbdc890416292fdc331d4b0d0709dc750985f92f43536986faa4076501c
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4d24628c01669011268da9e920146b99d3d1687aa0efc5445595116b8a2ab380
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
524ab8ce722fd84999ab057cfa8eba4cc8352b38873cb72bfce586bc9e07a5dc
55af3fdfdc5925d2cf72a57ea07b262827f5e53fd0a0091f8b4543687e020cde
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
621c1887d62b0efc13debf4c23006b8b7d50b13880651e72b2602544592fcfc4
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68f96405ee7361a1d6c8f0749d87ae10e5d2c10c76330d1eb23b92c11a875603
6bb53a58d114d0b517b2409c1fed60d5f4da839a2c756536ef6b9106e7831d8c
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6eaca8706c642d30cd4b619a2050ffa098f10d419d4a7a38e45d8895e28bbb8d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
79649b88e223357ccb014f0b2d30c65923a2834167a845ca2e0e754106bc24b3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
87a003cf9e8a3c4bd9a64c68129a5a9712522f3ab6f6d8f1dd9a68bc6698eae0
8a3a03898f0f6b6db74de0d56cc821ae7295d67d31a22b59a7c16eaa2daacd65
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
97b0276c1d6ad342eb71280685c69628b2c07cf613a763e872d527faafc0e416
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bbc433c7f40e466a9a9d90f036b4989cb2296919aaddad12fe6c1a979e9f2bf
9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6d92bc60b0e246165c3be165ac9e6a75a078258565e91669135f36ce0ea6830
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
b554671ab1684f9a43cb7266fd45c3a531db503ff887350ca0d389d43d68899a
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
ba9b4015860e510fa7949c2dad3f004e40d3aaaf6acd36f443dba77dc2762e8c
be20de3a75c920215ec4a03716f1f865c19e75229ce4f4d1a0f99739ee1b0e07
c21b52cae73bd0405eac4f1fd6f979491f5053bfc385d84cd3c4b45bb4fcf3a1
c32cd8708a0aed879977869bb1f6dbbfa34e0a52335b2a0c88091d4d9326f165
c4b56bba8e2c262f1b78006ecb414fc8454576dd594ec9a58c1f0946fc63e370
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca92a1432ce7addce0ffe6d4f6e2941673dcdd929c3ae71928416e044ae4f5fa
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
d8faea6e218910bf83cd1e7fe9775b3b75195df3c16a3f4eea74b75f9b881dce
def51a725fcbf670ed1ca1d44fdfaea4ba74f4ed993d59fd28e8e35d88d2190e
e21beb66b137cd5016dba92f01a9ca2283c2a1e2c06572367103817199ab9c7b
e2e177830a5036b9aedc8dad8d69cd5dd4e9d0e72875d88b442b81b8088ee577
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
efffa60902896ad8ce90034c4b8544a2b25d9794134af7f9b6c90ed4e4f8a7f0
f7380f19ae51b5ee7cefd839677ff86e5a0a1da011150584b4706251b2e61e7a