ucqemggd.shemrockiddies.com Open in urlscan Pro
149.28.140.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx
Submission: On July 06 via manual (July 6th 2021, 2:56:50 pm UTC) from TH

Summary HTTP 306 Redirects Behaviour Indicators

Summary

This website contacted 77 IPs in 11 countries across 53 domains to perform 306 HTTP transactions. The main IP is 149.28.140.151, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is ucqemggd.shemrockiddies.com.

This is the only time ucqemggd.shemrockiddies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	149.28.140.151 149.28.140.151	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
120	27.254.43.247 27.254.43.247	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	202.183.165.226 202.183.165.226	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1	13.224.193.108 13.224.193.108	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
3	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
1	203.151.144.214 203.151.144.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	2600:9000:215... 2600:9000:2156:7a00:1d:47ad:2280:93a1	16509 (AMAZON-02) (AMAZON-02)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2 5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
3	104.111.224.62 104.111.224.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	27.254.43.243 27.254.43.243	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
15	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	202.183.165.228 202.183.165.228	4750 (CSLOXINFO...) (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED)
1	188.65.124.59 188.65.124.59	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	188.65.124.90 188.65.124.90	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
5	149.129.240.178 149.129.240.178	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
3	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
3	202.183.165.85 202.183.165.85	9891 (CSLOX-IDC...) (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited.)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
2 3	34.246.39.97 34.246.39.97	16509 (AMAZON-02) (AMAZON-02)
8 9	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3 3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.207.62.93 52.207.62.93	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
3 3	52.58.55.232 52.58.55.232	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 1	52.205.83.58 52.205.83.58	14618 (AMAZON-AES) (AMAZON-AES)
1 2	204.2.255.233 204.2.255.233	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
1	119.63.197.150 119.63.197.150	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.220.135.169 3.220.135.169	14618 (AMAZON-AES) (AMAZON-AES)
1	152.228.227.62 152.228.227.62	16276 (OVH) (OVH)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::152	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
6	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
10	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
306	77

1 149.28.140.151 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.140.151.vultr.com

ucqemggd.shemrockiddies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

120 27.254.43.247 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

hilight.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
football.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.183.165.226 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p352-nasbkkST3.C.csloxinfo.net

cdn.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-108.fra2.r.cloudfront.net

pubmatic.mainroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.79.227.76 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.144.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 214.144.151.203.sta.inet.co.th

lvs.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:7a00:1d:47ad:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.bluebillywig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

stats.mainroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

ssl-avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.254.43.243 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)

cacheportal.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.183.165.228 (Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p354-nasbkkST3.C.csloxinfo.net

connect.thelead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.59 (Puteaux, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg

pebed.dm-event.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.90 (Puteaux, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com

api.pxl.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.183.165.85 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
PTR: p211-nasbkkST3.C.csloxinfo.net

api-center.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s359.kapook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.246.39.97 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.199 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.62.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.55.232 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.83.58 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.2.255.233 (United States) 1 redirects

ASN2914 (NTT-COMMUNICATIONS-2914, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.150 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

th.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.220.135.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.228.227.62 (France)

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

imagehwc.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
124	kapook.com hilight.kapook.com my.kapook.com www.kapook.com cacheportal.kapook.com api-center.kapook.com i.kapook.com football.kapook.com s359.kapook.com	3 MB
24	doubleclick.net 8 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	280 KB
20	pubmatic.com 1 redirects ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com t.pubmatic.com simage4.pubmatic.com	141 KB
19	popin.cc api.popin.cc th.popin.cc log.popin.cc imagehwc.popin.cc r.popin.cc inrecsys.popin.cc	269 KB
18	googlesyndication.com fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com tpc.googlesyndication.com 4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com pagead2.googlesyndication.com	82 KB
12	rubiconproject.com 3 redirects ads.rubiconproject.com smarttag.rubiconproject.com eus.rubiconproject.com beacon-fra2.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	24 KB
10	fbcdn.net static.xx.fbcdn.net	550 KB
8	innity.com as.innity.com avd.innity.com	8 KB
8	googletagservices.com www.googletagservices.com	263 KB
6	facebook.com 2 redirects www.facebook.com graph.facebook.com	32 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	4 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	thelead.tech cdn.thelead.tech connect.thelead.tech	6 KB
4	createjs.com code.createjs.com	251 KB
4	adsrvr.org 2 redirects match.adsrvr.org	2 KB
4	google.com adservice.google.com www.google.com	2 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	bluebillywig.com cdn.bluebillywig.com	362 KB
4	facebook.net connect.facebook.net	167 KB
4	google-analytics.com www.google-analytics.com	75 KB
3	treasuredata.com in.treasuredata.com	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	880 B
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	rlcdn.com idsync.rlcdn.com api.rlcdn.com id.rlcdn.com	331 B
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	innity.net ssl-avd.innity.net avd.innity.net	13 KB
3	mainroll.com pubmatic.mainroll.com stats.mainroll.com	23 KB
2	mxptint.net 1 redirects pmp.mxptint.net	965 B
2	adform.net 1 redirects c1.adform.net	951 B
2	dmcdn.net api.dmcdn.net	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
2	instagram.com 1 redirects www.instagram.com	5 KB
2	googleapis.com fonts.googleapis.com	904 B
1	google.be adservice.google.be	853 B
1	crwdcntrl.net id.crwdcntrl.net	830 B
1	id5-sync.com id5-sync.com	536 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	clientgear.com 1 redirects event.clientgear.com	262 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	adentifi.com rtb.adentifi.com	88 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	609 B
1	deepintent.com match.deepintent.com	44 B
1	adgrx.com cm.adgrx.com	408 B
1	google.de adservice.google.de	853 B
1	dailymotion.com api.pxl.dailymotion.com	1 KB
1	dm-event.net pebed.dm-event.net	296 B
1	2mdn.net s0.2mdn.net	117 KB
1	truehits.in.th lvs.truehits.in.th	9 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	shemrockiddies.com ucqemggd.shemrockiddies.com	1 KB
306	53

	Domain	Requested by
53	my.kapook.com	hilight.kapook.com my.kapook.com
52	i.kapook.com	securepubads.g.doubleclick.net hilight.kapook.com fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com code.createjs.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ucqemggd.shemrockiddies.com fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com smarttag.rubiconproject.com
11	hilight.kapook.com	ucqemggd.shemrockiddies.com hilight.kapook.com
10	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com hilight.kapook.com
10	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
9	cm.g.doubleclick.net	8 redirects hilight.kapook.com
8	www.googletagservices.com	hilight.kapook.com securepubads.g.doubleclick.net fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
7	simage2.pubmatic.com	1 redirects ads.pubmatic.com
6	imagehwc.popin.cc	hilight.kapook.com
5	tpc.googlesyndication.com	fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	as.innity.com	ads.pubmatic.com
5	www.facebook.com	2 redirects hilight.kapook.com connect.facebook.net
4	pixel.rubiconproject.com	hilight.kapook.com
4	code.createjs.com	securepubads.g.doubleclick.net fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
4	log.popin.cc	hilight.kapook.com
4	match.adsrvr.org	2 redirects ads.pubmatic.com hilight.kapook.com
4	image2.pubmatic.com	ads.pubmatic.com
4	ib.adnxs.com	3 redirects ads.pubmatic.com
4	connect.thelead.tech	cdn.thelead.tech
4	api.popin.cc	hilight.kapook.com api.popin.cc
4	cdn.bluebillywig.com	pubmatic.mainroll.com cdn.bluebillywig.com hilight.kapook.com
4	connect.facebook.net	hilight.kapook.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com hilight.kapook.com
3	r.popin.cc	hilight.kapook.com
3	token.rubiconproject.com	3 redirects
3	in.treasuredata.com	api.popin.cc
3	x.bidswitch.net	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	sync.mathtag.com	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	avd.innity.com	avd.innity.net hilight.kapook.com
3	ads.pubmatic.com	hilight.kapook.com ads.pubmatic.com
3	www.kapook.com	hilight.kapook.com
2	www.google.com	tpc.googlesyndication.com
2	eus.rubiconproject.com	smarttag.rubiconproject.com eus.rubiconproject.com
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	ups.analytics.yahoo.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	c1.adform.net	1 redirects ads.pubmatic.com
2	fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	api-center.kapook.com	my.kapook.com
2	avd.innity.net	ssl-avd.innity.net ucqemggd.shemrockiddies.com
2	stats.mainroll.com	hilight.kapook.com
2	mug.criteo.com	hilight.kapook.com
2	gum.criteo.com	1 redirects
2	api.dmcdn.net	hilight.kapook.com api.dmcdn.net
2	cdn.jsdelivr.net	hilight.kapook.com
2	www.instagram.com	1 redirects hilight.kapook.com
2	fonts.googleapis.com	hilight.kapook.com my.kapook.com
1	s359.kapook.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	inrecsys.popin.cc	hilight.kapook.com
1	football.kapook.com	hilight.kapook.com
1	ads.yahoo.com	hilight.kapook.com
1	id.rlcdn.com	hilight.kapook.com
1	4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	beacon-fra2.rubiconproject.com	hilight.kapook.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	th.popin.cc	api.popin.cc
1	sync.ipredictive.com	1 redirects
1	event.clientgear.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	rtb.adentifi.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	graph.facebook.com	my.kapook.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	api.pxl.dailymotion.com	api.dmcdn.net
1	pebed.dm-event.net	api.dmcdn.net
1	cacheportal.kapook.com	my.kapook.com
1	ssl-avd.innity.net	my.kapook.com
1	s0.2mdn.net	cdn.bluebillywig.com
1	lvs.truehits.in.th	hilight.kapook.com
1	pubmatic.mainroll.com	hilight.kapook.com
1	cdn.thelead.tech	hilight.kapook.com
1	www.googletagmanager.com	ucqemggd.shemrockiddies.com
1	ucqemggd.shemrockiddies.com
306	93

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.kapook.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-16` - `2022-10-18`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-07` - `2021-08-30`	3 months	crt.sh
cdn.thelead.tech R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.mainroll.com Amazon	`2020-09-24` - `2021-10-24`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-06-19` - `2021-09-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.dmcdn.net ZeroSSL RSA Domain Secure Site CA	`2021-05-19` - `2021-08-17`	3 months	crt.sh
lvs.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2020-07-06` - `2021-10-14`	a year	crt.sh
*.bluebillywig.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.innity.net DigiCert SHA2 Secure Server CA	`2021-05-12` - `2022-05-17`	a year	crt.sh
connect.thelead.tech R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.dm-event.net ZeroSSL RSA Domain Secure Site CA	`2021-06-15` - `2021-09-13`	3 months	crt.sh
api.pxl.dailymotion.com ZeroSSL RSA Domain Secure Site CA	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.mxptint.net Starfield Secure Certificate Authority - G2	`2020-07-21` - `2021-07-21`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.treasuredata.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
*.id5-sync.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.be GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-16` - `2021-07-28`	a month	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx
Frame ID: 148ED200BF3ACFF47657E3A71A31295D
Requests: 4 HTTP requests in this frame

Frame: https://hilight.kapook.com/view/122112
Frame ID: F43A53176EACB7C51ED8FF38611E0DF4
Requests: 154 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Frame ID: BE4A6257A0D1AABF029168358C30D90F
Requests: 11 HTTP requests in this frame

Frame: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BEE7F63BB1C4E7178CB065EF3A4D44E5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0559BAC1EF90B89965009CCC000A885D
Requests: 22 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16
Frame ID: AF079AE66FE036F3940C0F404C3020E6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: A06E1696E128EE7C0E06ABC5BAAF8705
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E2522B82C9C7542E894ECBB3CC66C934
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E18E09AE61442BA5E3D716D988CB9B2B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 1E1EDCCC780D558709ECEE5B5A02F93A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucK5rih8IUUDeS8Di3xNRi9glfj61XwddcGzFmljKzLDMinoydf5bSedlrokUzhOgrojMfRLqHxW_xxKdb8-_jEt73zPOnlWydKWFBBzkKsCdT9AEgtChIwhozKNbXaYnXjs7zTP1hcPftdF5m-JqwGFLo2YgV8F6QsC7qYqO8eE802PCcbEtWwLISjuTilhY5CibMfGwaHdFjwmq7SHDEbOaxeHN1IJ9cGg1AyA3EXEqUHoNvhYkej50Q74G9GRjvexFODDokHAuy1zzCn8cewFKevE1gTZJjavzfJMgEP6qlUH3pF7OqSRvF64xuNVXmmdjtHbkCSYlRKn4m&sig=Cg0ArKJSzJhjZuT6gD3kEAE&urlfix=1&adurl=
Frame ID: 285552A91A83779D8D5B3E48D30771AD
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_u5x5u0uD-YGgfIDe_iMVzg-FT_wKY2k4OGIKiYYqDC0y29dSrkTTH9KIUpZ3TPy6w3elGuprJw0z56sx_pGdNHqcYwzt-iB_LCvw8neT9kGQG-2-8sfFx_X3SYYu02fqsLE2XMKBHlW6mrdESBmjjjFpQOkocp8ZLQd3RKfaDHRGvInWV7_4zHpqtNti6DgfC9vFyGfFQuvxL45lYj6xtXq0W-lij_qkmkr01AG6g1S6khHg53q5DiXrog6WTHCkwsSQol_Zhg66TcNpp38EhsTOnqmyANvnAifnw1T7FjQGtLIgojxlbNjHXFVhHrz3J6jc&sig=Cg0ArKJSzFjjIMHjuWQUEAE&urlfix=1&adurl=
Frame ID: EA4E17D2A85AB18270B8BA37D74916B3
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgHPeqySZMbcyU0LpJ5UhU-qGH6-wZWRY4hzPDh9sNFXX1BUQlpQZVDDHHZKb_UbueZicB0PNoeuuukjfp-N489U1MdDltGfqerEN4usPpwS8q-uywGDRXe6hLbpPzwUji7h7J5Oqk5JmLPrwue0HWAD1Zv_ycn47A_jvf_JtuUtwPO948EUlIv6C0i19hPSP8NGnhZ97mjnuwAqlRfmjBuxsfslyzPypqQiN37GJNA77kkZ5AExKQlA5Hpe6AZSbxW299pl7xevvTdOELpSCFRxrS3TBPUBK32kSJjgx3Yoe-ocTjx-CnhXg&sig=Cg0ArKJSzIwFlMTtKLGOEAE&urlfix=1&adurl=
Frame ID: FD6DEBBBC42DA0D00A72B7240D8F58B7
Requests: 18 HTTP requests in this frame

Frame: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1A00BD6556BEFCF9FF2867C8853CCD17
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Frame ID: 0E709460892C5D6868EE617ECCBB98F2
Requests: 10 HTTP requests in this frame

Frame: https://4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 80A5FCDF19F6F269BB8AE2E4EA6A40E2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNNnqafKQ252zpFAcCzEzS2eGfACSS_1Ewrd3UpDI4_TVHwUfe8N0NdLRlpIj5kffGEvWbZLDbPTasCWfHF6q7OW_K8LfkSDtNKwxZvMHWNh2mjNR0n8i_9_AWyLnictofYDMGn-saFL4p3yhwOJWUoqMU8wX_w-beMEymaP_7cm-1L4CQdsUJu--nfvM8fgTGhkALA9ADpLPAeyP9BeGpBRoZv-aRcns9QOEBE3Tk-3TEjidfifQmP0JWH7GiclR9rAXo5Bi4Nh8PdHh3VpihhNk20WUSubkG16Y84xPd4IQ9bhMNwff5Eg_fuLVOF2s&sig=Cg0ArKJSzIRjP1CcL1ikEAE&urlfix=1&adurl=
Frame ID: 68B8ECFCF37F655571748FE73AC6630E
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9E7808C0FE0F08C0C31D8931B8E60879
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF098282CF9526346A0021CDB47B037C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B15394B3D66B48E85ACDCD44AD9566CE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81CD1AE3286554B2A4D06BB1AED679D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

306
Requests

100 %
HTTPS

32 %
IPv6

53
Domains

93
Subdomains

77
IPs

11
Countries

6021 kB
Transfer

13071 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 66

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&domain=hilight.kapook.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=iYyHcnxoRkcxbnJVQ3NBWXAwNzNUMGpTRGQyUk5kRUx6VDdoeUJ0dWVOMGVNcDNyK254cHZ3N0pLT0ZZT21xa3RmOS85WVNkVGRydVR5ejN1ZHJrUklRazlUNHBxckx5dGk3T2l5WjBZMUNvdFFwZ2g2ODE1QnF4RTFoaHlDd3lOcjUxc01SK2p1Q3ZES2hLUnVaaEgrSFIrMHJTUEJLdHVjb1c4SlE0UHRPVTZoMzY0WHBjdFBCUzRqTTAybnZzcHZHb1Y5cldhMXpDVitxWHdGMnBSSW1CMFpWVFc0NkpBM1ZxM01ENFRkOEhqZ1FmUUYrQmI1cGxNUDNXZmI2NkhOTHlsfA&cppv=2

Request Chain 78

https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200

Request Chain 121

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1625583385983 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1625583385983 HTTP 302
https://avd.innity.com/sync/?partner=appnexus&token=2851905031281157622&type=cookie&itmcb=1625583385983

Request Chain 129

https://c1.adform.net/serving/cookie/match?party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16

Request Chain 130

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdjEwN0J5TjRBQURYSEhTU2hYdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91-TBQnBQWymBUNkbO3cFg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91-TBQnBQWymBUNkbO3cFg%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ae60e4-6f1a-4400-9a5f-03d028043279

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RjkzMDUtMDlDMS00MTZDLUE2MDUtNDM2NDZDRUREQzE2&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RjkzMDUtMDlDMS00MTZDLUE2MDUtNDM2NDZDRUREQzE2&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJNJPlEG3Qi4UhN1sjoyu4&google_cver=1

Request Chain 140

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7433541427833917502&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 141

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=111a7cf2-c531-49de-bae7-c516c96b3819

Request Chain 142

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YORvGgACkXaeOgA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YORvGgACkXaeOgA4&gdpr=0&gdpr_consent=&_test=YORvGgACkXaeOgA4

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&gdpr=0&gdpr_consent=

Request Chain 145

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F75F9305-09C1-416C-A605-43646CEDDC16&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F75F9305-09C1-416C-A605-43646CEDDC16&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mIaSWLJE2uXXm7gLqKwApXgtPZzY0oY-~A&gdpr=0&gdpr_consent=

Request Chain 146

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2851905031281157622&gdpr=0&gdpr_consent=

Request Chain 149

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 150

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62649fb2-6671-4eb1-9e60-f7076ea3c504 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk81b66d77-276b-48b0-85e1-89fb0f021e91&expires=7&user_group=5&ssp=pubmatic&bsw_param=62649fb2-6671-4eb1-9e60-f7076ea3c504 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62649fb2-6671-4eb1-9e60-f7076ea3c504&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 151

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56f0e752-de6a-11eb-98c1-f311d18549d8&gdpr=0&gdpr_consent=

Request Chain 152

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_DFCC9C69_AE034A1F&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 206

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/jN7Cy2AFjlhgxAqCJygRxsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3664336995615306503

Request Chain 207

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTU2YjI3ZWNmNDMwMGE2MmQzMDMzODIzNjg5MjYwMjZiNWRjMmMwYg

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YORvGgACkXaeOgA4

Request Chain 210

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQS6DL50-28-LWUH&sigv=1&esig=2~ecd6de9b4ecc47d74ff31d8b3549fa5131f80a4c

Request Chain 212

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05a060e4-6f1a-4b00-9bec-82bf4b8f2c24

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi4tTtgNrAx4RAWreZRzSk&google_cver=1

306 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 0-1yczsewon.aspx Show response
ucqemggd.shemrockiddies.com/gk0607/ 4 KB
1 KB 342ms
327ms Document
text/html 149.28.140.151
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx
Protocol: HTTP/1.1
Server: 149.28.140.151 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.140.151.vultr.com
Software: nginx /
Resource Hash: c64ee951da40891dbccc7776f9abe5c58738c4a0c57bc5a01dd7161dbd430a68

Request headers

Host: ucqemggd.shemrockiddies.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 06 Jul 2021 14:56:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116306602-1

Requested by

Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d43cc5b6c13952e25e7aa74ebe31175c9bc1f74219e962e2ba16c2f6c631c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://ucqemggd.shemrockiddies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37014
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jul 2021 14:56:22 GMT

GET
H2 200 122112 Show response
hilight.kapook.com/view/ Frame F43A 56 KB
14 KB 914ms
446ms Document
text/html 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://hilight.kapook.com/view/122112
Requested by: Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: ad50eece40f0621eb5cafa828ded1536c5dee2ec8776470de3b62a49aa2eea4b

Request headers

:method: GET
:authority: hilight.kapook.com
:scheme: https
:path: /view/122112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://ucqemggd.shemrockiddies.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://ucqemggd.shemrockiddies.com/

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
kp-cache-status: EXPIRED
kp-device: desktop
content-encoding: gzip

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116306602-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ucqemggd.shemrockiddies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5437
date: Tue, 06 Jul 2021 13:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 06 Jul 2021 15:25:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1614966757&t=pageview&_s=1&dl=http%3A%2F%2Fucqemggd.shemrockiddies.com%2Fgk0607%2F0-1yczsewon.aspx&ul=en-us&de=UTF-8&dt=%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%B6%E0%B8%81%20%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%97%E0%B9%89%E0%B8%B2%E0%B8%A2%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%9E%E0%B8%B8%E0%B9%88%E0%B8%87%E0%B8%97%E0%B8%B0%E0%B8%A5%E0%B8%B8%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%88%E0%B8%81%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%87-%E0%B8%AD%E0%B8%B2%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%AA%E0%B8%B2%E0%B8%AB%E0%B8%B1%E0%B8%AA%20(%E0%B8%A1%E0%B8%B5%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=739202253&gjid=2045745002&cid=881526209.1625583383&tid=UA-116306602-1&_gid=639414799.1625583383&_r=1&gtm=2ou6u0&z=250773659

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ucqemggd.shemrockiddies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ucqemggd.shemrockiddies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/kittithada_roman/ Frame F43A 387 B
762 B 243ms
231ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/kittithada_roman/fontface.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-183"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 387
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/chatthai/ Frame F43A 321 B
696 B 241ms
230ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/chatthai/fontface.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-141"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 321
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F43A 1 KB
539 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit:700

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ff4ad5f791e76df0cdc0b00c109ef3e2cc952982be33a56cf2a1bb73fa8a229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 14:50:26 GMT
server: ESF
date: Tue, 06 Jul 2021 14:56:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jul 2021 14:56:23 GMT

GET
H2 200 theme.css
my.kapook.com/css/portal/ Frame F43A 10 KB
3 KB 242ms
231ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/css/portal/theme.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

990361213a788f276de016ed7f9f42e96c2a4d91bb97bb59acf026ea9cbf4d56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 08:34:59 GMT
etag: W/"606c1d33-2909"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 main.css
my.kapook.com/signin_2017/css/ Frame F43A 4 KB
2 KB 240ms
229ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/signin_2017/css/main.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: W/"5c493593-116b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
my.kapook.com/jquery/ Frame F43A 90 KB
33 KB 244ms
239ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/jquery-1.9.1.min.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-169d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 content_template2017.css
my.kapook.com/css-template2017/ Frame F43A 14 KB
4 KB 237ms
232ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/css-template2017/content_template2017.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

07d5f877fd8af54f4fb1e1a562af64fdeba316d4b6e69a6d1aa6412c085f61da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:23 GMT
content-encoding: gzip
last-modified: Thu, 08 Apr 2021 03:48:52 GMT
etag: W/"606e7d24-38a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:23 GMT

GET
H2 200 lead-latest.js Show response
cdn.thelead.tech/lead/ Frame F43A 10 KB
4 KB 697ms
233ms Script
application/javascript 202.183.165.226
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thelead.tech/lead/lead-latest.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.226 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

p352-nasbkkST3.C.csloxinfo.net

Software

nginx/1.19.2 /

Resource Hash

0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 09:22:42 GMT
server: nginx/1.19.2
etag: W/"60bf36e2-28da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate, max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 logo-kapook.png
my.kapook.com/img-portal/ Frame F43A 29 KB
29 KB 350ms
349ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-portal/logo-kapook.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-7206"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 29190
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 twitter.svg
my.kapook.com/review/svg/ Frame F43A 1 KB
1 KB 351ms
350ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/review/svg/twitter.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-43d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1085
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 facebook.svg
my.kapook.com/review/svg/ Frame F43A 492 B
873 B 351ms
350ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/review/svg/facebook.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-1ec"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 492
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 Motor_5.jpg
hilight.kapook.com/img_cms2/user/chatkul/june_2558/Week_3/ Frame F43A 71 KB
71 KB 482ms
461ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/img_cms2/user/chatkul/june_2558/Week_3/Motor_5.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: bcb3acf087e6b852649f3a4f2129a21f83c4aca41177681a3709596900a10f9e

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 26 Sep 2019 13:27:26 GMT
etag: "9b98b5-11b94-59374bafa2b80"
content-type: image/jpeg
cache-control: private, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 72596
kp-cache-status: EXPIRED

GET
H2 200 Motor_4.jpg
hilight.kapook.com/img_cms2/user/chatkul/june_2558/Week_3/ Frame F43A 110 KB
110 KB 284ms
262ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/img_cms2/user/chatkul/june_2558/Week_3/Motor_4.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 26b5858140b60b994049fd6a6a6d800a2e8fbfec1de9605aa8e2232356b5f117

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 26 Sep 2019 13:27:26 GMT
etag: "9b98b4-1b654-59374bafa2b80"
content-type: image/jpeg
cache-control: private, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 112212
kp-cache-status: HIT

GET
H/1.1 200
OK kapook_outstream_live.js Show response
pubmatic.mainroll.com/a/ Frame F43A 123 KB
22 KB 538ms
472ms Script
text/javascript 13.224.193.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-108.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: cb7c93f29ddebf3dd503acd39fef1ef3a086868a346e1236dee05fbc5fc57df0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:24 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-ovp-host: vms-prod-frontend-spot-10-1-19-77
Access-Control-Allow-Origin: *
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Cache-Control: public,max-age=90
Content-Length: 21729
X-Amz-Cf-Id: 7q09h3ULobMZXI51qDE2oVk45tMKq9rKvPmYia0BRa1q_RRmal3acg==
Expires: Tue, 06 Jul 2021 14:57:53 GMT

GET
H2 200 footer2018.css
my.kapook.com/css/portal/ Frame F43A 5 KB
2 KB 233ms
232ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/css/portal/footer2018.css

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

dbe0dcee665cb5c72fac087ef2893dd7ae05cd88115e62874c7f5ce8f4879f38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 07:56:23 GMT
etag: W/"5ff81027-15ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 ic-sv-01.png
my.kapook.com/img-services/ Frame F43A 3 KB
3 KB 235ms
228ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/ic-sv-01.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-b5a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 2906
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 ic-sv-02.png
my.kapook.com/img-services/ Frame F43A 2 KB
3 KB 235ms
228ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/ic-sv-02.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-954"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 2388
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 ic-sv-03.png
my.kapook.com/img-services/ Frame F43A 2 KB
3 KB 235ms
228ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/ic-sv-03.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-988"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 2440
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 ic-sv-04.png
my.kapook.com/img-services/ Frame F43A 2 KB
3 KB 236ms
228ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/ic-sv-04.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-8e8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 2280
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icon-dailymotion.png
my.kapook.com/img-services/ Frame F43A 2 KB
2 KB 236ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/icon-dailymotion.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Wed, 15 May 2019 04:45:21 GMT
etag: "5cdb9961-7be"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1982
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icon-fb.png
my.kapook.com/img-services/ Frame F43A 2 KB
2 KB 237ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/icon-fb.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-6f6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1782
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icon-tw.png
my.kapook.com/img-services/ Frame F43A 2 KB
2 KB 237ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/icon-tw.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-7c7"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1991
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icon-yt.png
my.kapook.com/img-services/ Frame F43A 2 KB
2 KB 237ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/icon-yt.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-6bb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1723
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icon-ig.png
my.kapook.com/img-services/ Frame F43A 2 KB
2 KB 238ms
231ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/icon-ig.png

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-84e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 2126
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 app-store.jpg
www.kapook.com/assets_2017/images/ Frame F43A 2 KB
2 KB 431ms
427ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kapook.com/assets_2017/images/app-store.jpg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Wed, 25 Mar 2020 07:34:26 GMT
etag: "8fe-5a1a8e5e15276"
content-type: image/jpeg
cache-control: max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2302
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 google-play.jpg
www.kapook.com/assets_2017/images/ Frame F43A 2 KB
2 KB 351ms
350ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kapook.com/assets_2017/images/google-play.jpg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Wed, 25 Mar 2020 07:34:26 GMT
etag: "7cf-5a1a8e5e27b57"
content-type: image/jpeg
cache-control: max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1999
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 swiper.min.js Show response
my.kapook.com/portal_view/js/ Frame F43A 94 KB
25 KB 263ms
239ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/portal_view/js/swiper.min.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: W/"5c493593-178a3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 galleryPlugin-loadmore.js Show response
my.kapook.com/portal_view/js/ Frame F43A 17 KB
5 KB 264ms
240ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/portal_view/js/galleryPlugin-loadmore.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 11:25:04 GMT
etag: W/"5d836590-43a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 head.load.min.js Show response
my.kapook.com/jquery/ Frame F43A 4 KB
2 KB 265ms
241ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/head.load.min.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-11fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 jquery.easing.1.3.js Show response
my.kapook.com/js_emocomment/ Frame F43A 8 KB
2 KB 265ms
242ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/js_emocomment/jquery.easing.1.3.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-1fa1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 jquery.worldjwplayer.js Show response
my.kapook.com/jquery/ Frame F43A 4 KB
2 KB 266ms
243ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/jquery.worldjwplayer.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-fa1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 oembed.js Show response
my.kapook.com/jquery/ Frame F43A 2 KB
1 KB 322ms
321ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/oembed.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-841"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 run_oembed.js Show response
my.kapook.com/jquery/ Frame F43A 1 KB
981 B 234ms
226ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/run_oembed.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-507"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/ Frame F43A
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

17ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 03:18:39 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Tue, 06 Jul 2021 14:56:24 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: vll
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 dmp.js Show response
my.kapook.com/js_tag/ Frame F43A 1 KB
1 KB 234ms
227ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/js_tag/dmp.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: "5c493592-466"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1126
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 tag.js Show response
my.kapook.com/jquery/ Frame F43A 2 KB
1 KB 235ms
227ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/tag.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

58c108b0b7425f99e28785064ce0115cbf054aeca694841ab23498bceaa6304c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-8b4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ Frame F43A 22 KB
7 KB 50ms
9ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 930068
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6401
etag: W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
x-served-by: cache-fra19122-FRA
date: Tue, 06 Jul 2021 14:56:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ Frame F43A 6 KB
2 KB 51ms
10ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1001227
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2436
etag: W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
x-served-by: cache-fra19122-FRA
date: Tue, 06 Jul 2021 14:56:24 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazysizes.min.js Show response
www.kapook.com/js/ Frame F43A 7 KB
3 KB 262ms
258ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kapook.com/js/lazysizes.min.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 07:45:44 GMT
etag: "1b91-5a1a90e454b08-gzip"
content-type: application/javascript
cache-control: max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3307
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156743/740/ Frame F43A 339 KB
104 KB 103ms
27ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1879e8ade5a1c169209e1c9d36e54db19ee13adacb36a489dc6204699da308a

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 09:38:09 GMT
server: Apache/2.2.15 (CentOS)
etag: "fe0ad3-54b08-5c20aa6e6b04f"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=144895
accept-ranges: bytes
content-type: text/javascript
content-length: 105366
expires: Thu, 08 Jul 2021 07:11:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame F43A 95 KB
24 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: sHi3xy1tBHB7ImEDTccRtsp1Jwbzp7CszgzIiVsqqTJJvBc0Wu3lFy4SXU5edMOH4KEz6tV5l7FJ1ba5v8MWlg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 06 Jul 2021 14:56:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 client.min.js Show response
api.dmcdn.net/pxl/cpe/ Frame F43A 1 KB
1 KB 132ms
34ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 0829ac43b09c9a9cfe273be88bf9afaf03db7837cff62366b371938f3dbd93b6

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 19125
x-amz-request-id: 3XBKCX7X4N7H5W4W
x-amz-id-2: TA3Beq7P5Q2hu7g6D7FXKkClQ5+LCcoXyBaRf/eoY5jb+Ro0tAgcrHLnfgZ2k1XwxipwfR0m9q4=
last-modified: Mon, 11 Jan 2021 08:50:38 GMT
server: DMS/1.0.42
etag: "449ce35e4e70119dde62d6977e35b103"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
content-length: 724
x-llid: c27d46f33d32a6453dcaa6620cca70f4
expires: Wed, 07 Jul 2021 09:37:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/th_TH/ Frame F43A 3 KB
2 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/th_TH/sdk.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab9eedd8e256a293a36a04146cc316aa5ab098734ae2c72bdd04201479faa4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IKKC2nXzQBcwdneiS98A5Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 2+gXBr94L+DKwE2dL36hD9PX5yZ0oEFLEsGcue16eOgReg+ic0FRk2G5lACoOR+BAg1FkOmpqwMj/fU6ZciBoA==
x-fb-trip-id: 686109401
x-fb-content-md5: af1419e791c7e1312dc02e312810767e
x-frame-options: DENY
date: Tue, 06 Jul 2021 14:56:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "43a16a80336e32c45ee4b191c29fd3a3"
timing-allow-origin: *
expires: Tue, 06 Jul 2021 15:09:12 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame F43A 48 KB
19 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5439
date: Tue, 06 Jul 2021 13:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 06 Jul 2021 15:25:45 GMT

GET
H2 200 a0000034.js Show response
lvs.truehits.in.th/dataa/ Frame F43A 9 KB
9 KB 1042ms
550ms Script
application/x-javascript 203.151.144.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs.truehits.in.th/dataa/a0000034.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.151.144.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 214.144.151.203.sta.inet.co.th
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0f77f1d0086aef2cf6ffc35c9a4d61f6a71d3768673948099af17fe93fa3bc45

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 1 Jul 2021 07:02:00 GMT
server: nginx/1.14.0 (Ubuntu)
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control: max-age=604800
content-type: application/x-javascript
content-length: 9086
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 arrow-down.svg
my.kapook.com/portal_config_desktop/header/svg/ Frame F43A 213 B
594 B 350ms
349ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/portal_config_desktop/header/svg/arrow-down.svg

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://my.kapook.com/css/portal/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-d5"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 213
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 ico-hilight.svg
my.kapook.com/svg-portal/ Frame F43A 16 KB
16 KB 350ms
349ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/svg-portal/ico-hilight.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Wed, 08 May 2019 06:43:54 GMT
etag: "5cd27aaa-3e2c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 15916
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/ Frame F43A 20 KB
21 KB 909ms
441ms Font
application/octet-stream 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Origin: https://hilight.kapook.com
Referer: https://my.kapook.com/fonts/kittithada_roman/fontface.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-5160"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 20832
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ Frame F43A 16 KB
16 KB 1122ms
653ms Font
application/octet-stream 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Origin: https://hilight.kapook.com
Referer: https://my.kapook.com/fonts/chatthai/fontface.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-3fb4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 16308
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 icomoon.woff
my.kapook.com/fonts/ Frame F43A 4 KB
4 KB 886ms
444ms Font
application/font-woff 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/icomoon.woff?-3adk29

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Origin: https://hilight.kapook.com
Referer: https://my.kapook.com/css/portal/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: W/"5c492fea-11d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ Frame F43A 92 KB
37 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TTM3PW3&cid=1029418554.1625583384

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1550949b2a901cd629815ff2381cb66aff9c68215acc77ddfab44dab4ba9e373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37453
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Jul 2021 14:56:24 GMT

GET
H2 200 player.js Show response
cdn.bluebillywig.com/apps/player/20210626.071645/ Frame F43A 2 MB
327 KB 70ms
7ms Script
application/javascript 2600:9000:2156:7a00:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/apps/player/20210626.071645/player.js
Requested by: Host: pubmatic.mainroll.com
URL: https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7a00:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8cedddc55b1783916b5d2baa40491a8726ed68a6a04651a6b283c38e01a89b7

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:48:04 GMT
content-encoding: gzip
age: 500
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
last-modified: Sat, 26 Jun 2021 07:18:00 GMT
server: AmazonS3
etag: W/"30b6b720a00ba8a369e7f1cd44ca4f27"
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public,max-age=1209600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OPbAJ2qGnoy8PRIDBkk5jVktwg-SXQ8q8O46DNg763I8k7xSu-KmXA==

GET
H/1.1 200
OK kapook_th.js Show response
api.popin.cc/searchbox/ Frame F43A 267 KB
54 KB 1221ms
449ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/kapook_th.js
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e9eb8b1cfad7247c194a52f15bc062ca5da020a3f8027a953cbe63e620670832

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 08:57:46 GMT
Server: nginx
ETag: W/"c8edae3a03233caa4b7b166730b5f31b"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: hk1fX1ij71KOQhEnHardJ4l6QuUtAENW
Expires: Tue, 06 Jul 2021 15:56:25 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/th_TH/ Frame F43A 229 KB
66 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/th_TH/sdk.js?hash=ea1bb62b4749044605d7426198e3d1b5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

773b5f1cf4060a8320e999f9fc507ffd1fc39e60cc477208ceb81a231e9341ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://hilight.kapook.com
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yGJspjcF3O5Ncmd5cG6uiQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67988
x-fb-rlafr: 0
x-fb-debug: K16Y9jvtCTe2J0p5aHJXjQrCexg4hIwT8o1z3Gi91EOSdDe/UV9A1KKNCBMcoazJIAgifw/npvgHXFnvBUCyPA==
x-fb-content-md5: 2436ac6b4e441a533da1d74f840530f0
x-frame-options: DENY
date: Tue, 06 Jul 2021 14:56:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f81290a3b462404a0009aa85345e691b"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Jul 2022 13:36:46 GMT

GET
H3-29 200 162488171107136 Show response
connect.facebook.net/signals/config/ Frame F43A 260 KB
74 KB 13ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/162488171107136?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0663e47416841962f8767d6a268d034ea2dbfa2af743340254c95aaeb9794c3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75627
x-xss-protection: 0
pragma: public
x-fb-debug: Uk9TkPgi+c/liA37LaIu56rR8rNeE3d0CrYXsFM4h2WxEpfdCVLR2nzp4+6GZZu6ZKP7AI0NlIAB4A7d/AGRyQ==
x-frame-options: DENY
date: Tue, 06 Jul 2021 14:56:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 skrollr.min.js Show response
my.kapook.com/jquery/ Frame F43A 8 KB
4 KB 239ms
232ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/skrollr.min.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-211b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 jquery.fbbutton.js Show response
my.kapook.com/jquery/ Frame F43A 10 KB
3 KB 240ms
233ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/jquery.fbbutton.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 14:06:01 GMT
etag: W/"60c0cac9-2714"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 main_2020.js Show response
my.kapook.com/angular/app/content_relate/js/ Frame F43A 779 B
1 KB 249ms
242ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/app/content_relate/js/main_2020.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 14 May 2020 02:53:48 GMT
etag: "5ebcb2bc-30b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 779
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 jquery.tagCenter.js Show response
my.kapook.com/jquery/ Frame F43A 8 KB
2 KB 249ms
242ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/jquery.tagCenter.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-2176"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 circle-list.png
my.kapook.com/img-services/ Frame F43A 989 B
1 KB 250ms
241ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/img-services/circle-list.png

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://my.kapook.com/css/portal/footer2018.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Thu, 24 Jan 2019 03:44:39 GMT
etag: "5c4934a7-3dd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 989
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:24 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame F43A 44 B
147 B 11ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=162488171107136&ev=PageView&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&rl=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&if=true&ts=1625583384589&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&it=1625583384391&coo=false&rqm=GET

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 06 Jul 2021 14:56:24 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 74ms
28ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&domain=hilight.kapook.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hilight.kapook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1486
date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame F43A
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&domain=hilight.kapook.com&cw=1
https://mug.criteo.com/sid?cpp=iYyHcnxoRkcxbnJVQ3NBWXAwNzNUMGpTRGQyUk5kRUx6VDdoeUJ0dWVOMGVNcDNyK254cHZ3N0pLT0ZZT21xa3RmOS85WVNkVGRydVR5ejN1ZHJrUklRazlUNHBxckx5dGk3T2l5WjBZMUNvdFFwZ2g2ODE1QnF4RTFoaH...

336 B
594 B

57ms
17ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iYyHcnxoRkcxbnJVQ3NBWXAwNzNUMGpTRGQyUk5kRUx6VDdoeUJ0dWVOMGVNcDNyK254cHZ3N0pLT0ZZT21xa3RmOS85WVNkVGRydVR5ejN1ZHJrUklRazlUNHBxckx5dGk3T2l5WjBZMUNvdFFwZ2g2ODE1QnF4RTFoaHlDd3lOcjUxc01SK2p1Q3ZES2hLUnVaaEgrSFIrMHJTUEJLdHVjb1c4SlE0UHRPVTZoMzY0WHBjdFBCUzRqTTAybnZzcHZHb1Y5cldhMXpDVitxWHdGMnBSSW1CMFpWVFc0NkpBM1ZxM01ENFRkOEhqZ1FmUUYrQmI1cGxNUDNXZmI2NkhOTHlsfA&cppv=2

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cbfb81dcdf1039f1a14a693ec04741446f587cb8bd6193da1ecf01aa0f28e12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 06 Jul 2021 14:56:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1758
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 06 Jul 2021 14:56:24 GMT
location: https://mug.criteo.com/sid?cpp=iYyHcnxoRkcxbnJVQ3NBWXAwNzNUMGpTRGQyUk5kRUx6VDdoeUJ0dWVOMGVNcDNyK254cHZ3N0pLT0ZZT21xa3RmOS85WVNkVGRydVR5ejN1ZHJrUklRazlUNHBxckx5dGk3T2l5WjBZMUNvdFFwZ2g2ODE1QnF4RTFoaHlDd3lOcjUxc01SK2p1Q3ZES2hLUnVaaEgrSFIrMHJTUEJLdHVjb1c4SlE0UHRPVTZoMzY0WHBjdFBCUzRqTTAybnZzcHZHb1Y5cldhMXpDVitxWHdGMnBSSW1CMFpWVFc0NkpBM1ZxM01ENFRkOEhqZ1FmUUYrQmI1cGxNUDNXZmI2NkhOTHlsfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1703
content-length: 509
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F43A 68 KB
24 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f0bc02d973e6e4e3ef63d0271525fd2899205370d17414a937e370c8a8baf39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "922 / 513 of 1000 / last-modified: 1625264026"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24229
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:24 GMT

GET
H2 200 ima3.js Show response
s0.2mdn.net/instream/html5/ Frame F43A 339 KB
117 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/html5/ima3.js

Requested by

Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20210626.071645/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

719b1af2893ff975889a82445ec4cfed41ad7e9180b7ab72cc465e7561f651bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:24 GMT

GET
H2 200 admanager.js Show response
cdn.bluebillywig.com/apps/player/20210626.071645/components/ Frame F43A 44 B
479 B 7ms
6ms Script
application/javascript 2600:9000:2156:7a00:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/apps/player/20210626.071645/components/admanager.js
Requested by: Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20210626.071645/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7a00:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d83682d408b8a5341dccb1e99215ef987833d80b13f28c2e19b91e1c4ea3df3

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:48:05 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age: 500
x-cache: Hit from cloudfront
content-length: 44
last-modified: Sat, 26 Jun 2021 07:18:00 GMT
server: AmazonS3
etag: "3e5a0ee4658a47e9066d1c307c5ee323"
access-control-allow-methods: PUT, GET, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public,max-age=1209600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1MBw_d2_m-nAcgcGcxZMSQnqSzUZ30l05djctQQTtMryAdavAVee_Q==

GET
H2 200 ubuntu.css
cdn.bluebillywig.com/fonts/ Frame F43A 555 B
984 B 7ms
6ms Stylesheet
text/css 2600:9000:2156:7a00:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7a00:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:49:25 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
age: 420
x-cache: Hit from cloudfront
content-length: 555
last-modified: Tue, 18 May 2021 09:41:13 GMT
server: AmazonS3
etag: "2a6307abebf25c55ddb0722a4b7ef277"
access-control-allow-methods: PUT, GET, POST
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: go5KT9hIvzwNFUYgxKSWiO5Y-4X-RwRasxBdoEfkU0eit5xRlPlXaw==

GET
H/1.1 200
OK /
stats.mainroll.com/ Frame F43A 43 B
515 B 107ms
48ms Image
image/gif 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.mainroll.com/?pm=html5&sid=Z6hXZ4QUjIbg&prid=&ts=1625583384851&pp=pubmatic&ev=xst&id=eHR6iyX2ulnZ&et=Session&cid=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&xr=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&pt=%5Buntitled%5D&aup=1&aum=1&aul=0&sn=0
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:24 GMT
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: Oh0k8GM_dQ35FkG7UR8bQBIBvZrdV5E67Ab4_JgDMGUsXNQ6hBod7w==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
stats.mainroll.com/ Frame F43A 43 B
515 B 110ms
50ms Image
image/gif 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.mainroll.com/?vu=35FEBB5A%2d9855%2d4F55%2d82E1%2d7B34E8FC1276&pm=html5&sid=Z6hXZ4QUjIbg&prid=&ts=1625583384852&pp=pubmatic&pt=%5Buntitled%5D&pv=6.x&ev=it&id=0&ct=Kapook%20Outstream&pd=&vs=n%2Fa&rs=1600x1200&fs=0&mt=mainroll&du=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&xr=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&aup=1&aum=1&aul=0&ut=commercial&sn=1
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:24 GMT
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: XplULfuVDAZKwRzVKRR-WDpGJ8AMZSea_XjnG0Q84xnesK6bwuD9Eg==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 61ms
19ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1124
date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 ubuntu.woff2
cdn.bluebillywig.com/fonts/ Frame F43A 33 KB
34 KB 22ms
7ms Font
font/woff2 2600:9000:2156:7a00:1d:47ad:2280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bluebillywig.com/fonts/ubuntu.woff2
Requested by: Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7a00:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Request headers

Origin: https://hilight.kapook.com
Referer: https://cdn.bluebillywig.com/fonts/ubuntu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:41:55 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
age: 869
x-cache: Hit from cloudfront
content-length: 34260
last-modified: Tue, 18 May 2021 09:41:13 GMT
server: AmazonS3
etag: "5b23eeb3a32b30e91682d601535d2a89"
access-control-allow-methods: PUT, GET, POST
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Ls9agVh0E-6ehDLPzxjZ5dGQrGZor-ettWmxWRi4aoUv8BeC5GlJrA==

GET
H/1.1 200
OK container_56d8ee121c51b14f6e964404.js Show response
ssl-avd.innity.net/143/ Frame F43A 8 KB
4 KB 94ms
26ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:15:51 GMT
Server: nginx/1.18.0
ETag: "5f48bd37-20f7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=855077
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3228
Expires: Fri, 16 Jul 2021 12:27:42 GMT

GET
H2 200 1 Show response
cacheportal.kapook.com/tag/compound/tag/122112/hilight/ Frame F43A 69 B
305 B 907ms
238ms Script
application/json 27.254.43.243
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://cacheportal.kapook.com/tag/compound/tag/122112/hilight/1?jsoncallback=jQuery19105578250264680016_1625583384032&_=1625583384033
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 2cd0bc9326bfb92a5f14dbb463d4a4bb4e2181aeda009d885ef5321f6065e3a6

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Jul 2021 14:56:25 GMT
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-credentials: false
kp-cache-status: MISS
content-type: application/json

GET
H2 200 app.min.js Show response
api.dmcdn.net/pxl/cpe/ Frame F43A 62 KB
16 KB 42ms
42ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: 1a64c6a2497c7c6e1eeb1d1e58ddd9d460d99ef5c45bace3f3fe672402d6ee65

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-encoding: gzip
nel: {"report_to":"telemetry","max_age":7776000,"include_subdomains":true,"failure_fraction":1.0}
age: 8406
x-amz-request-id: D93FFBDD54DD669B
x-amz-id-2: vXtvLBk9blCP8S3uPYgCIidbI8p+ibBc+G/UHR6LMCisIX6bSTEtNA+7gNDClLdp7VYPGPBqPmc=
last-modified: Mon, 11 Jan 2021 08:50:38 GMT
server: DMS/1.0.42
etag: "d8ba3fcac734452ef6120c094cad2b03"
vary: Accept-Encoding
report-to: {"group":"telemetry","max_age":7776000,"endpoints":[{"url":"https://telemetry.dailymotion.com/"}],"include_subdomains":true}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
content-length: 16095
x-llid: f466b9adf5353762edcb162a59c1f2a5
expires: Wed, 07 Jul 2021 12:36:18 GMT

GET
H3-29

200

feedback.php Show response
www.facebook.com/plugins/ Frame BE4A
Redirect Chain

https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook....
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26o...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26o...

137 KB
31 KB

106ms
106ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js?hash=ea1bb62b4749044605d7426198e3d1b5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80eb8a913c7b9d4ed917690e28a2b708d5101032787fdb7c1b003b03b2ca6e8b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 60x5X93SBlQk2UcqPYLNyAFyhM7ltHxYRzcwzsF8nakSe1i2NZxi8jMzfW4wDjO9eco/yAKjNdcK0L/BbOZWyg==
date: Tue, 06 Jul 2021 14:56:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: HXh5cy8q99tU22csN673hU1Qin+AjJenkVAagR0VY+mleRzhADcyOixxX9RJ1bMVMnTe2PMH8I1qE9udw1nMlg==
content-length: 0
date: Tue, 06 Jul 2021 14:56:25 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 pubads_impl_2021063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F43A 329 KB
115 KB 88ms
31ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 08:36:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117131
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:25 GMT

POST
H2 200 bulk Show response
connect.thelead.tech/event/ Frame F43A 77 B
239 B 704ms
226ms XHR
application/json 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/bulk

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

nginx/1.19.2 /

Resource Hash

beb1eb290dc95e73d9346fa7bc87a4b272f875740f39753849543e7d65b260b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jul 2021 14:56:25 GMT
vary: Origin
server: nginx/1.19.2
content-length: 77
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H2 200 angular.min.js Show response
my.kapook.com/angular/1.3.15/ Frame F43A 123 KB
47 KB 233ms
230ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/1.3.15/angular.min.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:24 GMT
etag: W/"5c492fe8-1ebd5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 angular-aria.min.js Show response
my.kapook.com/angular/1.3.15/ Frame F43A 3 KB
2 KB 237ms
233ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/1.3.15/angular-aria.min.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:24 GMT
etag: W/"5c492fe8-d05"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 angular-sanitize.min.js Show response
my.kapook.com/angular/1.3.15/ Frame F43A 6 KB
3 KB 237ms
233ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/1.3.15/angular-sanitize.min.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:24 GMT
etag: W/"5c492fe8-17c0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 angular-resource.min.js Show response
my.kapook.com/angular/1.3.15/ Frame F43A 3 KB
2 KB 237ms
234ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/1.3.15/angular-resource.min.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:24 GMT
etag: W/"5c492fe8-dfe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/display/ Frame F43A 326 B
701 B 235ms
234ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/display/fontface.css

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-146"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 326
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 relate_th.css
my.kapook.com/css/ Frame F43A 3 KB
1 KB 235ms
234ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/css/relate_th.css

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:25 GMT
etag: W/"5c492fe9-b0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 headLoadComplete.js Show response
my.kapook.com/jquery/ Frame F43A 2 KB
886 B 230ms
230ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/jquery/headLoadComplete.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:48:34 GMT
etag: W/"5c493592-646"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

POST
H/1.1 200
OK / Show response
pebed.dm-event.net/ Frame F43A 15 B
296 B 100ms
30ms Fetch
application/json 188.65.124.59
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL: https://pebed.dm-event.net/
Requested by: Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.65.124.59 Puteaux, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS: ebed2.dm.gg
Software: edward-ed/2.0.4 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Server: edward-ed/2.0.4
Access-Control-Max-Age: 604800
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Encoding
Content-Length: 15

GET
H/1.1 200
OK 5d5cee4ac52b3f494eabac4d Show response
api.pxl.dailymotion.com/players/ Frame F43A 926 B
1 KB 99ms
31ms XHR
application/json 188.65.124.90
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pxl.dailymotion.com/players/5d5cee4ac52b3f494eabac4d?fields=config

Requested by

Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

188.65.124.90 Puteaux, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

fp.dc3.dailymotion.com

Software

nginx/1.15.6 /

Resource Hash

f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Length: 444
X-Dm-Lb-Name: icscale-01-01
Expires: Tue, 06 Jul 2021 14:59:46 GMT
Last-Modified: Fri, 12 Jun 2020 13:48:43 GMT
Server: nginx/1.15.6
Access-Control-Max-Age: 0
Access-Control-Allow-Methods: DELETE, PUT, PATCH, POST, HEAD, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Expose-Headers
Cache-Control: max-age=600,must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache: HIT

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ Frame F43A 20 KB
7 KB 83ms
26ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 01:29:24 GMT
Server: nginx/1.18.0
ETag: "5fa203f4-51a4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=857870
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6437
Expires: Fri, 16 Jul 2021 13:14:15 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ Frame F43A 8 KB
3 KB 83ms
27ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.18.0
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=799553
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Thu, 15 Jul 2021 21:02:18 GMT

POST
H3-29 200 /
www.facebook.com/tr/ Frame F43A 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary1KOsInEoJBKHIT9F

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 06 Jul 2021 14:56:25 GMT
content-type: text/plain
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame F43A 0
118 B 82ms
36ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hilight.kapook.com
date: Tue, 06 Jul 2021 14:56:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F43A 249 B
933 B 67ms
27ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

92929f05dc49f9f17e9e9e3853393180471a286f71c45524cdf3178e898e92d1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:25 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 137ac926-0415-49e3-91f3-2fdfe604aea1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://hilight.kapook.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 249
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame F43A 688 B
1 KB 1087ms
283ms XHR
application/json 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1625583385193&ver=2&hb=1&output=js&pub=2768&zone=68404&url=http%253A%252F%252Fucqemggd.shemrockiddies.com%252F&width=1&height=1&vpw=1600&vph=1200&callback=json&callback_uid=13cf18e01e91563&auction=e9d61d77-bdf7-4a08-9721-2ff1139fb7b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 7fc05c656ae179292fd84fad3fc774a2ad0ddec146c58dfd6ec7825bf3279c89

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 420
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame F43A 688 B
1 KB 1293ms
474ms XHR
application/json 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1625583385194&ver=2&hb=1&output=js&pub=2768&zone=68404&url=http%253A%252F%252Fucqemggd.shemrockiddies.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=1409c044e5e0e98&auction=e9d61d77-bdf7-4a08-9721-2ff1139fb7b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 6294eb822b5c5671148e911684409051ae7016f16fa5825797dbaa17f69d6d02

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 420
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame F43A 687 B
1 KB 3310ms
2464ms XHR
application/json 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1625583385194&ver=2&hb=1&output=js&pub=2768&zone=68422&url=http%253A%252F%252Fucqemggd.shemrockiddies.com%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=150068758d61643&auction=e9d61d77-bdf7-4a08-9721-2ff1139fb7b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 6ff7ba0f826e15f429fd80aeeb81b3d38d0327b974444f036669caa6163a8cc2

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 420
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame F43A 862 B
1 KB 1379ms
289ms XHR
application/json 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1625583385194&ver=2&hb=1&output=js&pub=2768&zone=68419&url=http%253A%252F%252Fucqemggd.shemrockiddies.com%252F&width=970&height=250&vpw=1600&vph=1200&callback=json&callback_uid=1672f292f6b54e9&auction=e9d61d77-bdf7-4a08-9721-2ff1139fb7b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 477eec233ceefe3c2b65025b45bea43a5d932066192d2e247e15a25c7801d2e4

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 463
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ Frame F43A 687 B
1 KB 1574ms
279ms XHR
application/json 149.129.240.178
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1625583385194&ver=2&hb=1&output=js&pub=2768&zone=68422&url=http%253A%252F%252Fucqemggd.shemrockiddies.com%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=17a11a93a7009b1&auction=e9d61d77-bdf7-4a08-9721-2ff1139fb7b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 87967d55d6cfe0b0cdd78fc9295fc9f6255bb2f8eafc994abc3fcfab327457e1

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://hilight.kapook.com
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 419
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ Frame F43A 59 B
726 B 750ms
199ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 5e7b018ebac6543fb47d79b97dde5dc7cf5ab5638d53a1c6bcefdf5bcb5b7797

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 14:56:25 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: application/javascript
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 8kV4ZUEosSs.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/2,cross/ Frame BE4A 942 B
643 B 11ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/2,cross/8kV4ZUEosSs.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ca7381c3c978%26domain%3Dhilight.kapook.com%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff2312f2222550b4%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

08a0d5ca25d877c9468ac0c090ade201aa7216d1cc8d780b34a77530507de330

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Kn9Q9Bzb2gQzEBNTgL4juQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 450
x-fb-rlafr: 0
x-fb-debug: 0rIUiutzxwSW9KatlYHHTe1mEIyNFjoNXOPGxODNg+M63Eb3omWAru/fWrl72b4qCS9gX2RbdAqeC1S+UondZQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Jul 2022 17:52:40 GMT

GET
H2 200 5tfKlAr2zsp.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/2,cross/ Frame BE4A 128 KB
21 KB 14ms
10ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/2,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dcc234e328ebc4a0f55f89a38b103af33f0dc227d1257b2e5ec0d173886d0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XE6fU3t1p0+Fs9tw3tAFvQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20913
x-fb-rlafr: 0
x-fb-debug: 5Tyo4DmCzDzg7PE95hQyY2W0fNhCdKojaZchyhw+4P3dsiNM5KVAHrPpe3rz0rIahot5OSzzNMUcfAE3xhBPYw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 01 Jul 2022 22:42:02 GMT

GET
H2 200 _7Fp1_8TZ3D.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame BE4A 299 KB
81 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/_7Fp1_8TZ3D.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c53c5edc42ac6fa5434fe633999ddceafdd508bfebbe5715a8c0a604e676dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: trBbjcKAQZ2mHCh0FttDUQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 82939
x-fb-rlafr: 0
x-fb-debug: 2ffiZ/Mufg15m+cbyqKgC7RRCNCtj5mvUB+bIYDvOlFWfGbK6DsT5yRQ0pwHXSYjf/Uo1g3gP7jAn3HS9VpgoA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:15:38 GMT

GET
H2 200 k-3XR1vJ4fY.js Show response
static.xx.fbcdn.net/rsrc.php/v3i_oH4/yK/l/th_TH/ Frame BE4A 157 KB
44 KB 14ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i_oH4/yK/l/th_TH/k-3XR1vJ4fY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

554bd0321fddc3a9f62fb0dea40cc6603f7b315a9bec1ee578fb614a47c217cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RDp5w3z+p3sFMRkcFTOALw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44416
x-fb-rlafr: 0
x-fb-debug: LzosW+GqJuVt6ou+a+rKyW88PVnKcPbwd847oaFWnasZA9/6F/L3xAaS8xs+oN4nWsUYmKyr6AQkvjdg4Zr5Rw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 01 Jul 2022 18:53:01 GMT

GET
H2 200 tl2mTgCPej3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame BE4A 36 KB
12 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/tl2mTgCPej3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cf66dfe6d3fe08050c95a346b87c6336b3e9804508bd2c45b208f425f719d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WTGtwSPHp0Qoe+pXP7yynQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11725
x-fb-rlafr: 0
x-fb-debug: Q1KbKbKY/zhMVcnr1hHCBwdzlUEjLsUykL24v56nTKOSUuZyrIpAjruW3ar3MSPdN3hTuolaytN5ShnydN4HUg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 02 Jul 2022 00:02:42 GMT

GET
H2 200 x0_NGgN-uXe.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame BE4A 6 KB
2 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/x0_NGgN-uXe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad1c5a5d967afa5be6fc81e20c24fbcbfce88bea3e8dc948d6cdfa6622c840bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VuPxNKzHcYPUvXmL6+B7jg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1995
x-fb-rlafr: 0
x-fb-debug: E25KrExOONsw3ABiMIPHc3YG80n/r9/QWZSooP16eo2pUlu6sosWYDgwK+n78M8MjfG5X7dhM+o4lfyx4FtS2A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Jul 2022 23:57:36 GMT

GET
H2 200 7jK0tMFCk-B.js Show response
static.xx.fbcdn.net/rsrc.php/v3ictc4/ym/l/th_TH/ Frame BE4A 1 MB
326 KB 23ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ictc4/ym/l/th_TH/7jK0tMFCk-B.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b383e84b0e8607042d7d5ad553927915eada5e27451a3028817e65007eec308e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3O8ld+Ak9SUc0lMBWoHieg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 333146
x-fb-rlafr: 0
x-fb-debug: K7dhD6XFM4iFtrUFfEhborzNeJB8w4ZlI3YBax3y4J71+wTAiQqZeVg7JMID52xQFRZeGzkE20x6yRP2FsOcFA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 04 Jul 2022 21:02:48 GMT

GET
H2 200 okhvk7_ek8z.js Show response
static.xx.fbcdn.net/rsrc.php/v3ijN54/yV/l/th_TH/ Frame BE4A 38 KB
11 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ijN54/yV/l/th_TH/okhvk7_ek8z.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22960b6325e3fc25c9ab5514e6d41773c5099adf5b9badb8f98ab8a4fa50b0e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sdgtRCmPGwzB8l8H56fCCA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11497
x-fb-rlafr: 0
x-fb-debug: Y9J4ctgv4tw2CEIgqpyu6jrJkaHuNcXPZ+OKgeUAQaE7nGiRitxTxZRHWJBQiB9SNUPkLHDxuAleRgo4rT/wyw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Jun 2022 04:59:57 GMT

GET
H2 200 app_t.js Show response
my.kapook.com/angular/app/content_relate/js/ Frame F43A 9 KB
2 KB 231ms
230ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/angular/app/content_relate/js/app_t.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Thu, 24 Jan 2019 03:24:25 GMT
etag: W/"5c492fe9-258d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 signin-drt.js Show response
my.kapook.com/signin_2020/js/ Frame F43A 3 KB
2 KB 231ms
231ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/signin_2020/js/signin-drt.js

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
content-encoding: gzip
last-modified: Wed, 20 May 2020 08:35:07 GMT
etag: W/"5ec4ebbb-c3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 / Show response
graph.facebook.com/v2.3/ Frame F43A 264 B
692 B 72ms
58ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v2.3/?id=https://hilight.kapook.com/view/122112&fields=og_object{engagement}&access_token=222400011275296|668e04dcb5543692e87188b1e4d8c92f&callback=jQuery19105578250264680016_1625583384034&_=1625583384035

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10e4e209a85c75e0d723c863f998aba93b2ded69eef16cf026b8be6d0d7bab00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "1d21e8fb4d6549ad320457ef69de11353a76922a"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
x-fb-rev: 1004078508
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 184
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bWiBgHSoENyRqTSKFl1TXaT/qW/0BKvuxGcp/dkcRx94Q90ijuoeMuv0WSQ/HBY2kSXAL6og1oB+GZkudhb9NA==
x-fb-trace-id: D7ormRjeOKQ
date: Tue, 06 Jul 2021 14:56:25 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AnhgnE6BQGb6en5xzZeYMii
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.3
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame BE4A 51 KB
51 KB 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/2,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/2,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: SPazRB2OmKyt02EWuoLjaA5XeqD9a8FzQbeTzzMOq6nkjLdmcIXsVHZjYZTcY7Yxp7NxrZ4PvWY6BkVLK60KrQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: umwqwUgDRbunxPVSLaal0g==
date: Tue, 06 Jul 2021 14:56:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 52671
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Thu, 30 Jun 2022 03:53:20 GMT

GET
H3-29 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame BE4A 1 KB
1 KB 6ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: jx3Juaw64p6ZbvWCJA7xy1b96GbBz13TjnlOLagvSfxTh1RzuAbWu+ompKA5AlLXNWp/+WczI7vxePjNC9QxOA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
date: Tue, 06 Jul 2021 14:56:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1131
x-fb-rlafr: 0
expires: Wed, 29 Jun 2022 05:44:48 GMT

GET
H2 200 my-profile.html Show response
my.kapook.com/signin_2020/templates/ Frame F43A 1 KB
2 KB 233ms
231ms XHR
text/html 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/signin_2020/templates/my-profile.html

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept: application/json, text/plain, */*
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 04 Jun 2020 08:52:41 GMT
etag: "5ed8b659-4b4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1204
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

OPTIONS
H2 200 me
api-center.kapook.com/v1/market/ Frame 0
0 1172ms
235ms Preflight
application/json 202.183.165.85
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-center.kapook.com/v1/market/me
Protocol: H2
Server: 202.183.165.85 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p211-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: kuid
Origin: https://hilight.kapook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-type: application/json; charset=UTF-8
content-length: 21
vary: Accept-Encoding
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin

GET
H2 200 me Show response
api-center.kapook.com/v1/market/ Frame F43A 55 B
570 B 246ms
244ms XHR
application/json 202.183.165.85
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-center.kapook.com/v1/market/me
Requested by: Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.183.165.85 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p211-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept: application/json, text/plain, */*
Kuid
Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
access-control-allow-headers: X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length: 79

GET
H2 200 ic_create.svg
my.kapook.com/signin_2017/svg/ Frame F43A 630 B
1012 B 232ms
231ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/signin_2017/svg/ic_create.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-276"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 630
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 ic_settings.svg
my.kapook.com/signin_2017/svg/ Frame F43A 1 KB
1 KB 232ms
231ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/signin_2017/svg/ic_settings.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-476"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 1142
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 sign-out.svg
my.kapook.com/signin_2017/svg/ Frame F43A 709 B
1 KB 232ms
232ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/signin_2017/svg/sign-out.svg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-2c5"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 709
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H2 200 switch2.svg
my.kapook.com/portal_config_desktop/header/svg/ Frame F43A 756 B
1 KB 230ms
229ms Image
image/svg+xml 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.kapook.com/portal_config_desktop/header/svg/switch2.svg

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://my.kapook.com/css/portal/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
last-modified: Thu, 24 Jan 2019 03:48:35 GMT
etag: "5c493593-2f4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 756
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:25 GMT

GET
H/1.1

200
OK

/
avd.innity.com/sync/ Frame F43A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1625583385983
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1625583385983
https://avd.innity.com/sync/?partner=appnexus&token=2851905031281157622&type=cookie&itmcb=1625583385983

43 B
471 B

968ms
618ms

Image
image/gif

119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=appnexus&token=2851905031281157622&type=cookie&itmcb=1625583385983
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2a4c7f0d-66cc-4361-a747-fd0b6dbf3342
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://avd.innity.com/sync/?partner=appnexus&token=2851905031281157622&type=cookie&itmcb=1625583385983
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ Frame F43A 43 B
471 B 976ms
623ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=8c1c70b2e1378515f35ba17f883d21e8&type=cookie&itmcb=1625583385983
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 10.d8.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Last-Modified: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F43A 107 B
853 B 36ms
13ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F43A 107 B
570 B 41ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F43A 51 KB
16 KB 345ms
344ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1994118335866282&correlator=2512865398802573&output=ldjh&impl=fifs&eid=31061160%2C31061663%2C31061744&vrg=2021063001&ptt=17&sc=1&sfv=1-0-38&ecs=20210706&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)%2CHilight_news_300_2_PC%2Chilight_news_728_pc%2Chilight_news_970_pc%2C1px_hilight_PC_inread%2Cskin_hilight%2Cgallery_desktop_728&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1x1%7C1500x900%2C728x90%7C1x1&prev_scp=pwtsid_pubmatic%3D234553ff2bc261e%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D24d70cac8547b25%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D257daf8526ea597%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D260cf2461470946%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2759f5bcb699721%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D28e554429e40ccc%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2928e334a8d3b69%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cdm=hilight.kapook.com&bc=23&abxe=1&lmt=1625583386&dt=1625583386157&dlt=1625583383551&idt=1593&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1069%2C1069%2C436%2C315%2C231%2C100%2C-9&adys=374%2C452%2C1953%2C342%2C1834%2C301%2C-9&adks=3445020646%2C719977154%2C937166789%2C4208516631%2C1060165196%2C1675199816%2C509936929&ucis=83yrud851y19%7Ct66622obda3s%7Chizxmjkw0h9k%7Czcmqcua7cyz2%7Cnucq1wt2v124%7Cxoog34pig5a3%7Ciska4a8kyxia&ifi=1&ifk=3834433620&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&ref=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&top=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x1470%7C300x1470%7C728x-1%7C1138x32%7C798x1460%7C1500x-1%7C0x-1&msz=300x0%7C300x250%7C728x-1%7C1002x32%7C798x0%7C1500x-1%7C0x-1&ga_vid=1029418554.1625583384&ga_sid=1625583386&ga_hid=764393361&ga_fc=false&fws=256%2C768%2C256%2C256%2C256%2C768%2C258&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

36c54d119c4dac44eaa992a8992a11268140fca91322ac51b4413c39fa5f4189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16838
x-xss-protection: 0
google-lineitem-id: 5409938773,5446139414,5410249604,5409937915,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315522807,138319434761,138315487331,138315522582,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BEE7 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 06 Jul 2021 14:56:26 GMT
expires: Wed, 06 Jul 2022 14:56:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0559 38 KB
14 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=61597
expires: Wed, 07 Jul 2021 08:03:03 GMT
date: Tue, 06 Jul 2021 14:56:26 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0559 4 KB
4 KB 66ms
19ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29213966&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 771912bed15be8133c5c30a277e41fc160de85b19c6ace465ed6f9fe4dbdd052

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame AF07
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16

35 B
468 B

32ms
31ms

Document
image/gif

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 06 Jul 2021 14:56:26 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=8841190337075136926; expires=Sat, 04 Sep 2021 14:56:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 06 Jul 2021 14:56:26 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F75F9305-09C1-416C-A605-43646CEDDC16
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Fri, 06 Aug 2021 14:56:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame A06E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCdjEwN0J5TjRBQURYSEhTU2hYdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

37ms
37ms

Document
image/gif

34.246.39.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AABv107ByN4AADXHHSShXw; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 06 Jul 2021 14:56:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Tue, 06 Jul 2021 14:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
set-cookie: IDE=AHWqTUn5i28ZVzUy8lN21DFs9089XDwanrPHNyIKK4T93jaGYSzvlSa5JoHkL1z4uFI; expires=Sun, 31-Jul-2022 14:56:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E252 43 B
338 B 77ms
22ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 06 Jul 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1294
date: Tue, 06 Jul 2021 14:56:26 GMT
content-length: 43

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E18E 43 B
408 B 66ms
21ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 1E1E 0
44 B 299ms
99ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Tue, 06 Jul 2021 14:56:25 GMT
server: b

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0559
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91-TBQnBQWymBUNkbO3cFg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=91-TBQnBQWymBUNkbO3cFg%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

26ms
25ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=38378
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 07 Jul 2021 01:36:04 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 0559 0
66 B 69ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=F75F9305-09C1-416C-A605-43646CEDDC16
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ae60e4-6f1a-4400-9a5f-03d028043279

0
260 B

66ms
20ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ae60e4-6f1a-4400-9a5f-03d028043279
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=76ae60e4-6f1a-4400-9a5f-03d028043279
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RjkzMDUtMDlDMS00MTZDLUE2MDUtNDM2NDZDRUREQzE2&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc1RjkzMDUtMDlDMS00MTZDLUE2MDUtNDM2NDZDRUREQzE2&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

64ms
19ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:402
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJNJPlEG3Qi4UhN1sjoyu4&google_cver=1

42 B
362 B

64ms
20ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJNJPlEG3Qi4UhN1sjoyu4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:386
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKJNJPlEG3Qi4UhN1sjoyu4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0559 43 B
609 B 80ms
24ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 05 Jul 2021 14:56:26 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7433541427833917502&gdpr=0&gdpr_consent=&us_privacy=

1 B
481 B

89ms
28ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7433541427833917502&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:445
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7433541427833917502&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 06 Jul 2021 14:56:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=111a7cf2-c531-49de-bae7-c516c96b3819

42 B
292 B

29ms
28ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=111a7cf2-c531-49de-bae7-c516c96b3819
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:494
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=111a7cf2-c531-49de-bae7-c516c96b3819
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YORvGgACkXaeOgA4&gdpr=0&gdpr_consent=&_test=YORvGgACkXaeOgA4

1 B
238 B

29ms
26ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YORvGgACkXaeOgA4&gdpr=0&gdpr_consent=&_test=YORvGgACkXaeOgA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:496
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625583387.526693,VS0,VE0
x-served-by: cache-hhn4072-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YORvGgACkXaeOgA4&gdpr=0&gdpr_consent=&_test=YORvGgACkXaeOgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&gdpr=0&gdpr_consent=

42 B
357 B

38ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:566
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H2 200 F75F9305-09C1-416C-A605-43646CEDDC16
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0559 43 B
839 B 113ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F75F9305-09C1-416C-A605-43646CEDDC16?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F75F9305-09C1-416C-A605-43646CEDDC16&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F75F9305-09C1-416C-A605-43646CEDDC16&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mIaSWLJE2uXXm7gLqKwApXgtPZzY0oY-~A&gdpr=0&gdpr_consent=

0
128 B

24ms
20ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mIaSWLJE2uXXm7gLqKwApXgtPZzY0oY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 06 Jul 2021 14:56:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mIaSWLJE2uXXm7gLqKwApXgtPZzY0oY-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2851905031281157622&gdpr=0&gdpr_consent=

42 B
366 B

63ms
20ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2851905031281157622&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:430
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 914fdc09-7404-4f48-8418-aecdc7ce0c6e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2851905031281157622&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 0559 0
104 B 105ms
63ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F75F9305-09C1-416C-A605-43646CEDDC16&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0559 0
88 B 489ms
103ms Image
text/plain 52.207.62.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

24ms
19ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:527
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:26 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62649fb2-6671-4eb1-9e60-f7076ea3c504
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk81b66d77-276b-48b0-85e1-89fb0f021e91&expires=7&user_group=5&ssp=pubmatic&bsw_param=62649fb2-6671-4eb1-9e60-f7076ea3c504
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62649fb2-6671-4eb1-9e60-f7076ea3c504&gdpr=&gdpr_consent=&gdpr_pd=

1 B
337 B

26ms
26ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62649fb2-6671-4eb1-9e60-f7076ea3c504&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:459
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62649fb2-6671-4eb1-9e60-f7076ea3c504&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 06 Jul 2021 14:56:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0559
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56f0e752-de6a-11eb-98c1-f311d18549d8&gdpr=0&gdpr_consent=

1 B
373 B

27ms
26ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56f0e752-de6a-11eb-98c1-f311d18549d8&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:371
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=56f0e752-de6a-11eb-98c1-f311d18549d8&gdpr=0&gdpr_consent=
Date: Tue, 06 Jul 2021 14:56:26 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 56f0e753-de6a-11eb-98c1-f311d18549d8

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 0559
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_DFCC9C69_AE034A1F&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

134ms
132ms

Image
image/gif

204.2.255.233
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.255.233 , United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-308570187; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:26 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-308570187; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Tue, 06 Jul 2021 14:56:27 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:482
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ Frame F43A 34 KB
13 KB 276ms
275ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kapook_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Tue, 06 Jul 2021 15:56:26 GMT

GET
H/1.1 200 recommend Show response
th.popin.cc/popin_discovery/ Frame F43A 208 KB
42 KB 1349ms
553ms Script
application/javascript 119.63.197.150
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://th.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&&device=pc&media=kapook.com&extra=windows&agency=popinag&topn=200&ad=100&r_category=all&redirect=true&country=th&alias=kapook_task&uid=091e9f45569ceb451a91625576186347&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6Imh0dHA6Ly91Y3FlbWdnZC5zaGVtcm9ja2lkZGllcy5jb20vIiwidXNlcl90ZF9wYXRoIjoiL3ZpZXcvMTIyMTEyIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFMCVCOCVBMyVFMCVCOCVCMCVFMCVCOCU5NyVFMCVCOCVCNiVFMCVCOCU4MSUyMCVFMCVCOCVBMSVFMCVCOCVBRCVFMCVCOSU4MCVFMCVCOCU5NSVFMCVCOCVBRCVFMCVCOCVBMyVFMCVCOSU4QyVFMCVCOSU4NCVFMCVCOCU4QiVFMCVCOCU4NCVFMCVCOSU4QyVFMCVCOCU4QSVFMCVCOCU5OSVFMCVCOCU5NyVFMCVCOSU4OSVFMCVCOCVCMiVFMCVCOCVBMiVFMCVCOSU4MCVFMCVCOCU4MSVFMCVCOSU4QiVFMCVCOCU4NyUyMCVFMCVCOCVBMyVFMCVCOSU4OCVFMCVCOCVCMiVFMCVCOCU4NyVFMCVCOCU5RSVFMCVCOCVCOCVFMCVCOSU4OCVFMCVCOCU4NyVFMCVCOCU5NyVFMCVCOCVCMCVFMCVCOCVBNSVFMCVCOCVCOCVFMCVCOCU4MSVFMCVCOCVBMyVFMCVCOCVCMCVFMCVCOCU4OCVFMCVCOCU4MSVFMCVCOCVBQiVFMCVCOCVBNSVFMCVCOCVCMSVFMCVCOCU4Ny0lRTAlQjglQUQlRTAlQjglQjIlRTAlQjglODElRTAlQjglQjIlRTAlQjglQTMlRTAlQjglQUElRTAlQjglQjIlRTAlQjglQUIlRTAlQjglQjElRTAlQjglQUElMjAoJUUwJUI4JUExJUUwJUI4JUI1JUUwJUI4JTg0JUUwJUI4JUE1JUUwJUI4JUI0JUUwJUI4JTlCKSIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidXNlcl90ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTYyNTU4MzM4NjM0OCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_93d890079569
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kapook_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.197.150 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: e722ae42174ea606dabbf73ba46d5858302a53dc4409688d01eccdbeacbba543

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:27 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ Frame F43A 160 KB
44 KB 767ms
500ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/kapook_th.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 05:29:34 GMT
Server: nginx
ETag: W/"f79eec0db79e4ee72508fa8efd009240"
X-Cache-Status: HIT from 10.252.55.25
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: jEbzWfZyhCQGPbOuuiAnvhe2d7E0IQE3
Expires: Tue, 06 Jul 2021 15:56:26 GMT

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ Frame F43A 66 B
347 B 1902ms
270ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwibWVkaWEiOiJrYXBvb2siLCJ0eXBlIjoxMH0=&t=1625583386341
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2855 0
0 73ms
72ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucK5rih8IUUDeS8Di3xNRi9glfj61XwddcGzFmljKzLDMinoydf5bSedlrokUzhOgrojMfRLqHxW_xxKdb8-_jEt73zPOnlWydKWFBBzkKsCdT9AEgtChIwhozKNbXaYnXjs7zTP1hcPftdF5m-JqwGFLo2YgV8F6QsC7qYqO8eE802PCcbEtWwLISjuTilhY5CibMfGwaHdFjwmq7SHDEbOaxeHN1IJ9cGg1AyA3EXEqUHoNvhYkej50Q74G9GRjvexFODDokHAuy1zzCn8cewFKevE1gTZJjavzfJMgEP6qlUH3pF7OqSRvF64xuNVXmmdjtHbkCSYlRKn4m&sig=Cg0ArKJSzJhjZuT6gD3kEAE&urlfix=1&adurl=

Requested by

Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 2855 236 KB
63 KB 254ms
22ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 06 Jul 2021 15:11:26 GMT

GET
H2 200 300x250.js Show response
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame 2855 25 KB
6 KB 236ms
230ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 12:17:35 GMT
etag: W/"5ef9dbdf-65d2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2855 123 KB
37 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225346277716"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37896
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:26 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA4E 0
0 61ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_u5x5u0uD-YGgfIDe_iMVzg-FT_wKY2k4OGIKiYYqDC0y29dSrkTTH9KIUpZ3TPy6w3elGuprJw0z56sx_pGdNHqcYwzt-iB_LCvw8neT9kGQG-2-8sfFx_X3SYYu02fqsLE2XMKBHlW6mrdESBmjjjFpQOkocp8ZLQd3RKfaDHRGvInWV7_4zHpqtNti6DgfC9vFyGfFQuvxL45lYj6xtXq0W-lij_qkmkr01AG6g1S6khHg53q5DiXrog6WTHCkwsSQol_Zhg66TcNpp38EhsTOnqmyANvnAifnw1T7FjQGtLIgojxlbNjHXFVhHrz3J6jc&sig=Cg0ArKJSzFjjIMHjuWQUEAE&urlfix=1&adurl=

Requested by

Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 22392.js Show response
ads.rubiconproject.com/ad/ Frame EA4E 30 KB
9 KB 241ms
24ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/22392.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:26 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11884
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 8969
Expires: Tue, 06 Jul 2021 18:14:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA4E 123 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225346277716"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37896
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:26 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F43A 72 KB
27 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a89afd48453d83067f4f59988766d5bded647ac8e316bbb5fe7572bbce06c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225358082386"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27725
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:26 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FD6D 0
0 63ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgHPeqySZMbcyU0LpJ5UhU-qGH6-wZWRY4hzPDh9sNFXX1BUQlpQZVDDHHZKb_UbueZicB0PNoeuuukjfp-N489U1MdDltGfqerEN4usPpwS8q-uywGDRXe6hLbpPzwUji7h7J5Oqk5JmLPrwue0HWAD1Zv_ycn47A_jvf_JtuUtwPO948EUlIv6C0i19hPSP8NGnhZ97mjnuwAqlRfmjBuxsfslyzPypqQiN37GJNA77kkZ5AExKQlA5Hpe6AZSbxW299pl7xevvTdOELpSCFRxrS3TBPUBK32kSJjgx3Yoe-ocTjx-CnhXg&sig=Cg0ArKJSzIwFlMTtKLGOEAE&urlfix=1&adurl=

Requested by

Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame FD6D 236 KB
63 KB 216ms
26ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 06 Jul 2021 15:11:26 GMT

GET
H2 200 728x90.js Show response
i.kapook.com/gorralit/kapookmarket1/728x90/ Frame FD6D 25 KB
6 KB 236ms
233ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/728x90.js?1593426663539

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

5c3cce8b8b874c74b9689d26608f7ca173bbf1982a809be6ee9670ebb9c38824

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 12:11:54 GMT
etag: W/"5ef9da8a-658c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD6D 123 KB
37 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225346277716"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37896
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:26 GMT

GET
H3-29 200 container.html Show response
fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A00 6 KB
3 KB 24ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 06 Jul 2021 14:56:26 GMT
expires: Wed, 06 Jul 2022 14:56:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK add_read_more Show response
in.treasuredata.com/js/v3/event/fe_monitor/ Frame F43A 89 B
316 B 434ms
106ms Script
application/javascript 3.220.135.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/fe_monitor/add_read_more?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1625583386640&data=eyJkZXZpY2UiOiJwYyIsInRkX2hvc3QiOiJoaWxpZ2h0LmthcG9vay5jb20iLCJ0ZF91cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJtZWRpYSI6ImthcG9vay5jb20iLCJjbGllbnRfaGVpZ2h0IjoxMjAwLCJ0eXBlIjoiY29udGFpbmVyTm90RmluZCJ9&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:27 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

POST
H/1.1 200 621.json Show response
id5-sync.com/g/v2/ Frame F43A 213 B
536 B 375ms
34ms XHR
application/json 152.228.227.62
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/621.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

152.228.227.62 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

20d0be66a529cbed9e874705a9e0c952779435ce77f2487051a1c58cab452f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://hilight.kapook.com
Date: Tue, 06 Jul 2021 14:56:26 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame F43A 0
223 B 1328ms
26ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://hilight.kapook.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame F43A 77 B
830 B 1136ms
42ms XHR
application/json 52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8b73f79f43166ba34b6ce483b0fc63141fb9b53a5a1232631b3343953567734d

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:27 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache
x-server: 10.45.21.189
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame F43A 108 B
677 B 39ms
38ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 73e49d94d67ea6c5c05ce7dad75aa33c8345cd32ca13a328a95035682e12018b

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 06 Jul 2021 14:56:26 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 05 Aug 2021 14:56:26 GMT

GET
H/1.1 200
OK 1774396-15.js Show response
smarttag.rubiconproject.com/a/22392/330930/ Frame EA4E 2 KB
2 KB 436ms
91ms Script
text/javascript 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.9983216199319831&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2de3d37538d5f8e3d9fa1678dc15bd6a61063b444484b7ffd7cd6a9eca461c43

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:27 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 1017
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
DATA 200
OK truncated
/ Frame 2855 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e80a7779750a3ac7ed483f5432e59cbae4a9cd4bdd9bbc4d61de080ff3fe7268

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 16 KB
17 KB 233ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/Bitmap1.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-40fd"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 16637
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2855 0
0 68ms
67ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssztvhwrGoZFi8sv4IZ7W7hwqMWQRAMcv4jEKWi1I2fGIFlpJJ2jKFFHptRWLydKoiy1Vxk8LPGTFExsvGkoOQMlQNi5vsTt-vmPNAdNLH_cyE7bmgTd9fxeetTriOsLmNr2ZibLkgt1q2GhnXUyW3GU0luctUcuWcvcNjr7uMkTwSI3nPz8pjADDRzoBZQsqQAduWHdV4x8GdDjMblfOrC2xLNRl1B4Kv15xpxka6jQphcQAD9RyB8X-L_ClSfzfIgaRX6frs_49-oJ4--X5rBebVBMFuujrdSASdOTLOr3enGdmGQsAkGp114CFNC0pU_xhz8T2zobJNWNkdRHJU&sig=Cg0ArKJSzGeddso4ptTNEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
DATA 200
OK truncated
/ Frame FD6D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ae8b72c791fcc43fe1bc024947755c4616dfc2e1e4b8f8fcdd1797211e8a19e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 16 KB
17 KB 233ms
233ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/Bitmap1.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-40fd"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 16637
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FD6D 0
0 60ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUlj3uGRlf9bjUqyPGOHpOY9Em5ipbxcEdZge0eyYseeoNax-XJZCJ2YLMvBSwrZjPrIvxXv6Sp-W74JfrRHhpqxo9gHityddkv0LSAaWdb_23f5i-nUYJhgs3QwtW4NlUewd8Tm3iV8TWmdySO5t7nd0zNPmTod1WCWdxppJ7e1KZWlPSVs-Ug4736GG3B-pE1uTkH0BYBFlMKx0v32GDN38cNFaseUAyTZNKnlMBAxr2X4ADeg-MIcfNe5hVmjmPWrJYW8SItIXzXwVGMpgEjCEV4P0yuL1_Blhqz4USJkes9yNjywrbBbauDw&sig=Cg0ArKJSzAagWuKQIjRhEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1A00 22 KB
7 KB 48ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
URL: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 13:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 13:09:27 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1A00 236 KB
63 KB 22ms
18ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
URL: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 06 Jul 2021 15:11:27 GMT

GET
H2 200 970x250.js Show response
i.kapook.com/gorralit/kapookmarket1/970x250/ Frame 1A00 22 KB
5 KB 233ms
230ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/970x250.js?1593422211847

Requested by

Host: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
URL: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

288f6e8c235a885732fe11fbb164377baa2a8571f7bb7d589cd575e1e1873031

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 12:01:38 GMT
etag: W/"5ef9d822-573b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A00 123 KB
37 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
URL: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225346277716"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37896
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
H2 200 button.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 8 KB
8 KB 233ms
232ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/button.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1f17"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7959
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A00 0
0 65ms
60ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6eGdePuftS9HRT2d8_jccPE-WKnOaP6b1saMFv_ASZcfgvJ163wXryngsmiJ3dsgs_rF2-i9ShtWcxDL8-2G2qw6EI_5QKupU3GXQrmYf4UbUY3upme2-3721L-7PSdm3CMVGfU_r5tGfVfAUysgMqQsBWHJMFXeQ-5utuy88df7i2pQm0h33T5NsfVRUeQa5kr8BAsib6A1uAin5v2hbUspN7MU_L99SwEv8niFMXFZUYhyJIXUrnXKcT04sh6FKurTvfWqe19UxWfDVoAgFm91PgYYeHp3dijeNGiaGVAPJm4x2CPqRZm71&sig=Cg0ArKJSzH939TLSm0gAEAE&urlfix=1&adurl=

Requested by

Host: fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
URL: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EA4E 68 KB
24 KB 41ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.9983216199319831&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

475c3c0cdfaf37d4e790a56f01f674b1fb518e8af12069a1a7370871dd17a78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "922 / 749 of 1000 / last-modified: 1625264026"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24232
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0E70 281 B
554 B 95ms
24ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.9983216199319831&tk_st=1&rp_s=c&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://hilight.kapook.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KQS6DL50-28-LWUH; rsid=1|AIfsdBUO++vuGxiryvY+NyLgp5lhZ/St03M8TvrwOw51wYv5J2jhQaqUZdWKiY+fGXPxtjmvETb3SijGM3W9Ggv+olMKg21epF9zPvGLCx8hzG7GXPQDU6uTSg==; ses15=330930^1; vis15=330930^1; audit=1|hLZGFuTafB347KLee3vsLG2GJI/YgkPnRp//jvY/jKWZD3odGsRZlP8MgMWYBfwz+QsoEQ6kzz7gcRgjl6EitSf0fhbrAYas3OlDu/ORdD8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 06 Jul 2021 14:56:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200 a535109b-7008-4092-9c3d-f2e57093dd9a
beacon-fra2.rubiconproject.com/beacon/d/ Frame EA4E 43 B
378 B 71ms
21ms Image
image/avif 2602:803:c004:200::152
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/a535109b-7008-4092-9c3d-f2e57093dd9a?oo=0&accountId=22392&siteId=330930&zoneId=1774396&sizeId=15&e=6A1E40E384DA563B570C33FBDC18FE852A2A1639D8BC15EC31FF80820605DD80DB59B8F0FCA493CD672E91CEEA848044172DB22D3B21A9B50141EBA1F56E75B82156FB741001C10DB8EFC21D83CF2A4C63AF685AF18256F35A912800543D7DEDCEAA71F143718EDFECF879811D2312C0D82D574BB593C59832997889F1DA11D8

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Jul 2021 14:56:27 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EA4E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41ee125b6143123e6dc10a89cc47d18926112931504697148b58a183067cbd39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 button.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 8 KB
8 KB 239ms
234ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/button.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1f17"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7959
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EA4E 329 KB
114 KB 33ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
DATA 200
OK truncated
/ Frame 1A00 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ffabbd96e2fc8c41e2357ed464532d3f8430a7bd6ef19be5a8683989b992a89

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 16 KB
17 KB 231ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/Bitmap1.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-40fd"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 16637
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A00 0
0 59ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDbqZsGHA9dtx79iLgz7B6Ca8UyBhHlRX3TWl1sJne4YC56Ug7B2148Rn9EBhaKymVLDBrw6IEufd-Rbi_C3a6Hvp5scrhoVfE_Hl16xzZnkwrPqgGQAABnXIgby6YnKbd3jXONxbZN2jAabV1CI3E940Bc9qs-fu4VHJD5f6k95P4eq-4R1pvs6Nv81Xq2dJosBk5LX85WLcKl26f5BqolaeaFGvT0m8v15Yz0-t72DpdAQp_AP8PwcXk91miA8ZcOfwm3wLGg5Mru70z6JNuvfDMrAujL4OjP3mR_Z4WtpDTveS7UNoriY9W20c&sig=Cg0ArKJSzIYR0Gs4vgKREAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0E70 31 KB
9 KB 33ms
25ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9ddda23179d75bf5090b03b5ca00786004a82b54dd9346599aa9eece613c9ed5

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=79021
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9276
Expires: Wed, 07 Jul 2021 12:53:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame EA4E 107 B
853 B 46ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=hilight.kapook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame EA4E 107 B
122 B 44ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EA4E 16 KB
9 KB 529ms
528ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3023381392948440&correlator=2593842027640678&output=ldjh&impl=fif&eid=31061664%2C31061751%2C31061036%2C44741898%2C31061382&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210706&iu_parts=16357739%2CHilight_news_300_2_PC&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250%7C336x280&prev_scp=passback%3Dmagnite&cdm=hilight.kapook.com&bc=23&abxe=1&lmt=1625583387&dt=1625583387580&dlt=1625583386560&idt=946&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=1069&adys=952&adks=999895451&ucis=mpjhtn7chdg8&ifi=1&ifk=2148675101&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&top=http%3A%2F%2Fucqemggd.shemrockiddies.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=847091006.1625583388&ga_sid=1625583388&ga_hid=1651041396&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0a12e287eb1b5d6a9739c18b362816759fe9f91d607fa467a4730ceee39557c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
google-lineitem-id: 5409938773
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315522807
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 80A5 6 KB
3 KB 53ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 06 Jul 2021 14:56:27 GMT
expires: Wed, 06 Jul 2022 14:56:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 customer.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 10 KB
10 KB 232ms
232ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/customer.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-26c0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9920
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H2 200 customer.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 10 KB
10 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/customer.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-26c0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9920
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H2 200 button.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 8 KB
8 KB 234ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/button.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1f17"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7959
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA4E 0
0 74ms
71ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufY-13ml3T9Hk-_Jc6E0gP_xImmBjUjaj4UXlr4ut9MuE4vBLCbBD1cYT2NQbAlzJuj_bQ2_Cyc3Q1hhJ5eogYSSDQ3Yagr2z60B6rVER4I72zpfZJHaaFgCSLn_30iS8eP7jfxMG3-IzytPYp8i0CACU_aJThBvSFAWhVt3To6xoH-9ZMsXXj9aot-40SIa1uBjp5L9rCurhd0OVWsgshEgilylauBd95DeXJL_YBEUk_jgckrXKww7n_tiSYgVsJGSGRlPwAAQ-g-AowTCmlC25c40EzrTbnUCfxvS_ncn80n_ZB5y-og4T4M0lM80-tNoDg2gI&sig=Cg0ArKJSzEOfVsSL1ezwEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Jul 2021 14:56:27 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0E70
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/jN7Cy2AFjlhgxAqCJygRxsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3664336995615306503

0
239 B

27ms
26ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3664336995615306503
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Tue, 06 Jul 2021 14:56:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3664336995615306503
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0E70
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTU2YjI3ZWNmNDMwMGE2MmQzMDMzODIzNjg5MjYwMjZiNWRjMmMwYg

170 B
188 B

35ms
35ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTU2YjI3ZWNmNDMwMGE2MmQzMDMzODIzNjg5MjYwMjZiNWRjMmMwYg

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTU2YjI3ZWNmNDMwMGE2MmQzMDMzODIzNjg5MjYwMjZiNWRjMmMwYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 0E70 0
42 B 45ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0E70
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YORvGgACkXaeOgA4

0
239 B

129ms
27ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YORvGgACkXaeOgA4
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625583388.782329,VS0,VE0
x-served-by: cache-hhn4072-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YORvGgACkXaeOgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 0E70
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQS6DL50-28-LWUH&sigv=1&esig=2~ecd6de9b4ecc47d74ff31d8b3549fa5131f80a4c

0
444 B

32ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQS6DL50-28-LWUH&sigv=1&esig=2~ecd6de9b4ecc47d74ff31d8b3549fa5131f80a4c

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KQS6DL50-28-LWUH&sigv=1&esig=2~ecd6de9b4ecc47d74ff31d8b3549fa5131f80a4c
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0E70 70 B
264 B 62ms
44ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0E70
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05a060e4-6f1a-4b00-9bec-82bf4b8f2c24

0
239 B

163ms
27ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05a060e4-6f1a-4b00-9bec-82bf4b8f2c24
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

Date: Tue, 06 Jul 2021 14:56:31 GMT
Server: MT3 3799 851f7e8 master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=05a060e4-6f1a-4b00-9bec-82bf4b8f2c24
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 06 Jul 2021 14:56:30 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0E70
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi4tTtgNrAx4RAWreZRzSk&google_cver=1

0
239 B

137ms
28ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi4tTtgNrAx4RAWreZRzSk&google_cver=1
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIi4tTtgNrAx4RAWreZRzSk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 free.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 6 KB
6 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/free.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:27 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1815"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6165
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:27 GMT

GET
H2 200 free.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 6 KB
6 KB 232ms
232ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/free.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1815"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6165
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H2 200 customer.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 10 KB
10 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/customer.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-26c0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9920
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame F43A 89 B
559 B 111ms
108ms Script
application/javascript 3.220.135.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1625583388013&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwMCwicmVzcG9uc2VfYWQiOjIyLCJzbWphZCI6MCwiYWYiOiIiLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImthcG9vay5jb20iLCJ1cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsImxvZ2lkIjoiZjFiMzg5ZDMtYWZjMC00NTY5LTg0YjQtZjg0NTU4MTQwNGQ1IiwidWlkIjoiMDkxZTlmNDU1NjljZWI0NTFhOTE2MjU1NzYxODYzNDciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lij4Liw4LiX4Li24LiBIOC4oeC4reC5gOC4leC4reC4o%2BC5jOC5hOC4i%2BC4hOC5jOC5gOC4quC4ouC4l%2BC5ieC4suC4ouC5gOC4geC5i%2BC4hyDguKPguYjguLLguIfguJ7guLjguYjguIfguJfguLDguKXguLjguIHguKPguLDguIjguIHguKvguKXguLHguIct4Lit4Liy4LiB4Liy4Lij4Liq4Liy4Lir4Lix4LiqICjguKHguLXguITguKXguLTguJspIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfcGF0aCI6Ii92aWV3LzEyMjExMiIsInRkX3JlZmVycmVyIjoiaHR0cDovL3VjcWVtZ2dkLnNoZW1yb2NraWRkaWVzLmNvbS8iLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJjb21tb25fY2F0ZWdvcnkiOiJ0cmlwIiwiY2F0ZWdvcnkiOiLguILguYjguLLguKfguK3guLjguJrguLHguJXguLTguYDguKvguJXguLgiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK 91b74666867fed3670fa359e368758b0.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 24 KB
25 KB 513ms
150ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/91b74666867fed3670fa359e368758b0.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e0e1b5cfe8bc2eccda9ebaa128585a892a37c3987b4c659414819fd3e921a3b

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.43.27
X-Via: 1.1 PS-KHH-010aH122:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:0 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 24588
Last-Modified: Tue, 06 Jul 2021 11:38:15 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "421af353c498013ecfbea9c8d625257d"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1eq9_12617-35753
x-amz-version-id: jbN8vAzCxhs0PHGBkjdRiNG7tiNOgDvW
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Wed, 06 Jul 2022 13:48:41 GMT

GET
H2 200 214482-new-931443.jpg
hilight.kapook.com/image_fb/43/ Frame F43A 324 KB
325 KB 755ms
754ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/image_fb/43/214482-new-931443.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 77817d282bcbc2fca4913baa503677fe2ddc535198b262160f5ee63b4769716f

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Wed, 30 Jun 2021 10:02:17 GMT
etag: "1771863-511e6-5c5f8d143dc40"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 332262
kp-cache-status: EXPIRED

GET
H/1.1 200
OK 15d81f76fe353dfb2552e420a771193b.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 8 KB
9 KB 384ms
25ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/15d81f76fe353dfb2552e420a771193b.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cb6badef6f37526039371081da97ac1ee803d2c310b47dfb38ed53256d25099

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.44.28
X-Via: 1.1 PS-KHH-015lO119:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:3 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 8307
Last-Modified: Mon, 05 Jul 2021 18:23:41 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "3872cca9557dc6d11350de06a7282945"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1dm9_2402-5694
x-amz-version-id: TNjW7zu443Kqh3VKT6fev4h0KB9MTBty
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Wed, 06 Jul 2022 10:15:00 GMT

GET
H2 200 214623-new-142529.jpg
hilight.kapook.com/image_fb/43/ Frame F43A 252 KB
252 KB 230ms
230ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/image_fb/43/214623-new-142529.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 960d0efe28a870c7345667cb4d7daee0d9aea65ae439445a8e20febb1cd4b6c1

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Tue, 06 Jul 2021 11:45:00 GMT
etag: "1711d66-3ef6f-5c672f3a80700"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 257903
kp-cache-status: HIT

GET
H/1.1 200
OK 86f8344624a1cd9e38a9360f8011ef95.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 19 KB
20 KB 410ms
28ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/86f8344624a1cd9e38a9360f8011ef95.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: e82f708323b9e54731ed876cae455d832d30dff114df2bfc637fe149c1e95ec9

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.43.28
X-Via: 1.1 PS-KHH-010aH122:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:13 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 19648
Last-Modified: Tue, 06 Jul 2021 07:03:00 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "da1b2efea14a5bd9efee4cc98746c97d"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1dm9_2402-5700
x-amz-version-id: GzCAPYGdeJ3L0iVYSiFZPN4i.Xe9y6Nb
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Wed, 06 Jul 2022 09:53:42 GMT

GET
H2 200 36046-og-1120.jpg
football.kapook.com/cms/upload/og/82/ Frame F43A 540 KB
541 KB 533ms
527ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://football.kapook.com/cms/upload/og/82/36046-og-1120.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: b219f9b8008f1488930e2eab3e7bbf6c4410858124792316ec696a35138d1591

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 05 Jul 2021 03:26:55 GMT
etag: "2ad290-87105-5c657e08e0fcb"
content-type: image/jpeg
cache-control: max-age=86400, private, must-revalidate
accept-ranges: bytes
content-length: 553221
kp-cache-status: HIT
expires: Wed, 07 Jul 2021 14:56:28 GMT

GET
H/1.1 200
OK 3dba123593a9afe14bc03e45254ea14f.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 14 KB
15 KB 434ms
27ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/3dba123593a9afe14bc03e45254ea14f.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0eebe3c1ad9f854f7eeb6777dea27bd3723068a5becb796607602196c433cfc7

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.43.27
X-Via: 1.1 PS-KHH-010aH122:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:13 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 14148
Last-Modified: Thu, 01 Jul 2021 10:20:19 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "b31cebfac92e1ed7f60c144d205bdd7e"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1dm9_2402-5702
x-amz-version-id: D43Tz_HH.W7ORmrMLu7T_IECPrZ7H66t
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Tue, 05 Jul 2022 11:15:31 GMT

GET
H2 200 214566-new-873328.jpg
hilight.kapook.com/image_fb/43/ Frame F43A 342 KB
342 KB 744ms
743ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/image_fb/43/214566-new-873328.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 54aef7069606cc097635e87c6a93faf64bd5abeb9be44e7f0ea66815bb4bcf7e

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 05 Jul 2021 07:15:40 GMT
etag: "1711ce5-5576b-5c65b129a9f00"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 350059
kp-cache-status: EXPIRED

GET
H/1.1 200
OK 5f060adc674cf270e4aa225cc0715a56.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 33 KB
34 KB 463ms
30ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/5f060adc674cf270e4aa225cc0715a56.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 31d5de9f89761c8826e128c58217504766cfb67e2c44b4a7e996ff40e8605ff7

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.43.27
X-Via: 1.1 PS-KHH-017Op120:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:13 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 34079
Last-Modified: Fri, 02 Jul 2021 14:51:44 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "a37d18f3317e83af5c47ce26cbda97f2"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1dm9_2402-5707
x-amz-version-id: 3Alhkn3A2D.ZdDJ0.N7beyvmfUZm5gVS
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Sun, 03 Jul 2022 05:25:52 GMT

GET
H2 200 214553-new-997243.jpg
hilight.kapook.com/image_fb/43/ Frame F43A 282 KB
283 KB 741ms
741ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/image_fb/43/214553-new-997243.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 7b78a69e24f364d4ea2d27531fc5861fd8d96f42db15f5f3a44bb73216a299af

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Sun, 04 Jul 2021 09:16:45 GMT
etag: "1711cc1-468b9-5c648a5ca5940"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 288953
kp-cache-status: HIT

GET
H/1.1 200
OK b58c32b2d297f3f3491f77990f7c59eb.jpeg
imagehwc.popin.cc/discovery/ Frame F43A 9 KB
9 KB 433ms
25ms Image
image/jpeg 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagehwc.popin.cc/discovery/b58c32b2d297f3f3491f77990f7c59eb.jpeg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ae05bba748b3507430a6cf2fbf128320033c2dd8ce17bed8f85bcedf6a6abd6

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Age: 1
Cross-Origin-Embedder-Policy: require-corp
X-Cache-Status: HIT from 10.252.43.27
X-Via: 1.1 PS-KHH-015lO119:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:7 (Cdn Cache Server V2.0)
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 8892
Last-Modified: Fri, 18 Jun 2021 11:05:58 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "5b5c68e5c577945b9ffce731c6d1d3dd"
X-Ws-Request-Id: 60e46f1c_PSdgflkfFRA1dm9_2402-5712
x-amz-version-id: rD5tdFUPY_6boOqwDmr_77DuVbU6uJVD
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Mon, 04 Jul 2022 05:31:32 GMT

GET
H2 200 214567-new-979582.jpg
hilight.kapook.com/image_fb/43/ Frame F43A 419 KB
420 KB 713ms
713ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/image_fb/43/214567-new-979582.jpg
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: b675b83751a023cb79fde79c76075abd5ab443bbbbc7bdbec2e6e823f1ca5824

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 05 Jul 2021 07:44:53 GMT
etag: "1711ceb-68daf-5c65b7b174740"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, must-revalidate
accept-ranges: bytes
content-length: 429487
kp-cache-status: EXPIRED

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ Frame F43A 2 KB
3 KB 262ms
262ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.25
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Tue, 06 Jul 2021 15:56:28 GMT

GET
H/1.1 200
OK error_log Show response
in.treasuredata.com/js/v3/event/popin_feed/ Frame F43A 89 B
316 B 113ms
112ms Script
application/javascript 3.220.135.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_feed/error_log?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1625583388075&data=eyJmZUxvZ0lkIjoiMTYyNTU4MzM4ODA1MiIsIm1zZyI6IkNhbm5vdCByZWFkIHByb3BlcnR5ICdnZXQnIG9mIHVuZGVmaW5lZCIsInN0YWNrIjoiVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnZ2V0JyBvZiB1bmRlZmluZWRcbiAgICBhdCBPYmplY3QuZ2V0VmlkZW8gKGh0dHBzOi8vYXBpLnBvcGluLmNjL3NlYXJjaGJveC9rYXBvb2tfdGguanM6MjoyNjE4NjQpXG4gICAgYXQgbmV3IGkgKGh0dHBzOi8vYXBpLnBvcGluLmNjL3NlYXJjaGJveC9rYXBvb2tfdGguanM6MjoyNzM5KVxuICAgIGF0IE9iamVjdC48YW5vbnltb3VzPiAoaHR0cHM6Ly9hcGkucG9waW4uY2Mvc2VhcmNoYm94L2thcG9va190aC5qczoyOjMxMTIpXG4gICAgYXQgaHR0cHM6Ly9hcGkucG9waW4uY2Mvc2VhcmNoYm94L2thcG9va190aC5qczoyOjE4NDQyMlxuICAgIGF0IEFycmF5LmZvckVhY2ggKDxhbm9ueW1vdXM%2BKVxuICAgIGF0IE9iamVjdC5hSi5maXJlRXZlbnQgKGh0dHBzOi8vYXBpLnBvcGluLmNjL3NlYXJjaGJveC9rYXBvb2tfdGguanM6MjoxODQzOTQpXG4gICAgYXQgYUouPGNvbXB1dGVkPi5yZW5kZXJCb3ggKGh0dHBzOi8vYXBpLnBvcGluLmNjL3NlYXJjaGJveC9rYXBvb2tfdGguanM6MjoyMDc3MzQpXG4gICAgYXQgYUouPGNvbXB1dGVkPi5pbml0IChodHRwczovL2FwaS5wb3Bpbi5jYy9zZWFyY2hib3gva2Fwb29rX3RoLmpzOjI6MjA0ODE2KVxuICAgIGF0IG5ldyBhSi48Y29tcHV0ZWQ%2BIChodHRwczovL2FwaS5wb3Bpbi5jYy9zZWFyY2hib3gva2Fwb29rX3RoLmpzOjI6MTg2MzI0KVxuICAgIGF0IGh0dHBzOi8vYXBpLnBvcGluLmNjL3NlYXJjaGJveC9rYXBvb2tfdGguanM6MjoyMzE5NjYiLCJuYW1lIjoiVHlwZUVycm9yIiwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwibWVkaWEiOiJrYXBvb2suY29tIiwidXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0NTM0MmEzNC0yYjdmLTQ0N2UtYWFiYS03OTc2NzFjNDBiZDYiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lij4Liw4LiX4Li24LiBIOC4oeC4reC5gOC4leC4reC4o%2BC5jOC5hOC4i%2BC4hOC5jOC4iuC4meC4l%2BC5ieC4suC4ouC5gOC4geC5i%2BC4hyDguKPguYjguLLguIfguJ7guLjguYjguIfguJfguLDguKXguLjguIHguKPguLDguIjguIHguKvguKXguLHguIct4Lit4Liy4LiB4Liy4Lij4Liq4Liy4Lir4Lix4LiqICjguKHguLXguITguKXguLTguJspIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfcGF0aCI6Ii92aWV3LzEyMjExMiIsInRkX3JlZmVycmVyIjoiaHR0cDovL3VjcWVtZ2dkLnNoZW1yb2NraWRkaWVzLmNvbS8iLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24ifQ%3D%3D&callback=TreasureJSONPCallback2

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.135.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ Frame F43A 66 B
347 B 275ms
268ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwMCwicmVzcG9uc2VfYWQiOjIyLCJzbWphZCI6MCwiYWYiOiIiLCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImthcG9vay5jb20iLCJ1cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsImxvZ2lkIjoiZjFiMzg5ZDMtYWZjMC00NTY5LTg0YjQtZjg0NTU4MTQwNGQ1IiwidWlkIjoiMDkxZTlmNDU1NjljZWI0NTFhOTE2MjU1NzYxODYzNDciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lij4Liw4LiX4Li24LiBIOC4oeC4reC5gOC4leC4reC4o+C5jOC5hOC4i+C4hOC5jOC5gOC4quC4ouC4l+C5ieC4suC4ouC5gOC4geC5i+C4hyDguKPguYjguLLguIfguJ7guLjguYjguIfguJfguLDguKXguLjguIHguKPguLDguIjguIHguKvguKXguLHguIct4Lit4Liy4LiB4Liy4Lij4Liq4Liy4Lir4Lix4LiqICjguKHguLXguITguKXguLTguJspIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfcGF0aCI6Ii92aWV3LzEyMjExMiIsInRkX3JlZmVycmVyIjoiaHR0cDovL3VjcWVtZ2dkLnNoZW1yb2NraWRkaWVzLmNvbS8iLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImRkN2VlMjkzLWFkZWUtNGRhMi1iOGY2LWZlZmQ5ZTVhNWJkNSIsImNvbW1vbl9jYXRlZ29yeSI6InRyaXAiLCJjYXRlZ29yeSI6IuC4guC5iOC4suC4p+C4reC4uOC4muC4seC4leC4tOC5gOC4q+C4leC4uCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1625583388015
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ Frame F43A 35 B
308 B 1061ms
262ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&uid=091e9f45569ceb451a91625576186347&type=pc_pv&nid=pc&media=kapook.com&r5=ca_%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AD%E0%B8%B8%E0%B8%9A%E0%B8%B1%E0%B8%95%E0%B8%B4%E0%B9%80%E0%B8%AB%E0%B8%95%E0%B8%B8&t=1625583388015&tz=th
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Last-Modified: Tue, 10 Sep 2019 08:21:36 GMT
Server: nginx
ETag: "5d775d10-23"
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ Frame F43A 66 B
347 B 1014ms
874ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoia2Fwb29rLmNvbSIsInVybCI6Imh0dHBzOi8vaGlsaWdodC5rYXBvb2suY29tL3ZpZXcvMTIyMTEyIiwibG9naWQiOiJmMWIzODlkMy1hZmMwLTQ1NjktODRiNC1mODQ1NTgxNDA0ZDUiLCJ1aWQiOiIwOTFlOWY0NTU2OWNlYjQ1MWE5MTYyNTU3NjE4NjM0NyIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImRkN2VlMjkzLWFkZWUtNGRhMi1iOGY2LWZlZmQ5ZTVhNWJkNSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLguKPguLDguJfguLbguIEg4Lih4Lit4LmA4LiV4Lit4Lij4LmM4LmE4LiL4LiE4LmM4LmA4Liq4Lii4LiX4LmJ4Liy4Lii4LmA4LiB4LmL4LiHIOC4o+C5iOC4suC4h+C4nuC4uOC5iOC4h+C4l+C4sOC4peC4uOC4geC4o+C4sOC4iOC4geC4q+C4peC4seC4hy3guK3guLLguIHguLLguKPguKrguLLguKvguLHguKogKOC4oeC4teC4hOC4peC4tOC4mykiLCJ0ZF91cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoaWxpZ2h0LmthcG9vay5jb20iLCJ0ZF9wYXRoIjoiL3ZpZXcvMTIyMTEyIiwidGRfcmVmZXJyZXIiOiJodHRwOi8vdWNxZW1nZ2Quc2hlbXJvY2tpZGRpZXMuY29tLyIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZGQ3ZWUyOTMtYWRlZS00ZGEyLWI4ZjYtZmVmZDllNWE1YmQ1IiwiY29tbW9uX2NhdGVnb3J5IjoidHJpcCIsImNhdGVnb3J5Ijoi4LiC4LmI4Liy4Lin4Lit4Li44Lia4Lix4LiV4Li04LmA4Lir4LiV4Li4IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1625583388016
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:28 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ Frame F43A 0
145 B 798ms
260ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lij4Liw4LiX4Li24LiBIOC4oeC4reC5gOC4leC4reC4o+C5jOC5hOC4i+C4hOC5jOC5gOC4quC4ouC4l+C5ieC4suC4ouC5gOC4geC5i+C4hyDguKPguYjguLLguIfguJ7guLjguYjguIfguJfguLDguKXguLjguIHguKPguLDguIjguIHguKvguKXguLHguIct4Lit4Liy4LiB4Liy4Lij4Liq4Liy4Lir4Lix4LiqICjguKHguLXguITguKXguLTguJspIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfcGF0aCI6Ii92aWV3LzEyMjExMiIsInRkX3JlZmVycmVyIjoiaHR0cDovL3VjcWVtZ2dkLnNoZW1yb2NraWRkaWVzLmNvbS8iLCJ0ZF9pcCI6IjE5NC4xODcuMjUxLjYyIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJkaXNoX2NvbW1vbl9jYXRlZ29yeSI6InRyaXAiLCJrZXkiOiJrZXkxNjI1NTgzMzg2MzQ4Iiwibm93IjoxNjI1NTgzMzg4MDE2LCJjbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJ1cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsInVpZCI6IjA5MWU5ZjQ1NTY5Y2ViNDUxYTkxNjI1NTc2MTg2MzQ3Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJrYXBvb2suY29tIiwiZGlzaF9jYXRlZ29yeSI6IuC4guC5iOC4suC4p+C4reC4uOC4muC4seC4leC4tOC5gOC4q+C4leC4uCIsImRpc2hfZG9tYWluIjoiaGlsaWdodC5rYXBvb2suY29tIiwidl9kaXNoX2xhYmVscyI6IuC4oeC4tOC4luC4uOC4meC4suC4ouC4mSzguJrguKPguLTguKnguLHguJcs4LmA4Lih4Li34LmI4LitLOC5gOC4oeC4t+C4reC4hyzguIrguLXguKfguLTguJUs4Lij4Lix4LiB4Lip4LiyLOC4ouC4meC4leC5jCzguIjguLHguIHguKMs4Lij4LiWLOC5gOC4guC5ieC4siIsInZfZGlzaF90bGFiZWxzIjoi4LiX4LmJ4Liy4LiiLOC4o+C5iOC4suC4hyzguKvguKXguLHguIcs4Lil4Li44LiBLOC4geC4suC4oyzguKHguLUiLCJsb2dpZCI6ImYxYjM4OWQzLWFmYzAtNDU2OS04NGI0LWY4NDU1ODE0MDRkNSIsImFwaV9ob3N0IjoidGgucG9waW4uY2MiLCJkb21haW4iOiJoaWxpZ2h0LmthcG9vay5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ Frame F43A 35 B
308 B 1086ms
252ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&uid=&type=pc_channel_pv&nid=pc&media=kapook.com&r5=ca_%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%AD%E0%B8%B8%E0%B8%9A%E0%B8%B1%E0%B8%95%E0%B8%B4%E0%B9%80%E0%B8%AB%E0%B8%95%E0%B8%B8|ch_with_sz_53_feed_with_sz_pc&t=1625583388077&tz=th
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ Frame F43A 66 B
347 B 817ms
259ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6dHJ1ZSwiY2hhbm5lbF9pZCI6IndpdGhfc3pfNTNfZmVlZF93aXRoX3N6X3BjIiwiZXhwZWN0ZWRfYWQiOjYsInJlbmRlcmVkX2FkIjo2LCJhcGlfaG9zdCI6InRoLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImthcG9vay5jb20iLCJ1cmwiOiJodHRwczovL2hpbGlnaHQua2Fwb29rLmNvbS92aWV3LzEyMjExMiIsImxvZ2lkIjoiZjFiMzg5ZDMtYWZjMC00NTY5LTg0YjQtZjg0NTU4MTQwNGQ1IiwidWlkIjoiMDkxZTlmNDU1NjljZWI0NTFhOTE2MjU1NzYxODYzNDciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkZDdlZTI5My1hZGVlLTRkYTItYjhmNi1mZWZkOWU1YTViZDUiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi4Lij4Liw4LiX4Li24LiBIOC4oeC4reC5gOC4leC4reC4o+C5jOC5hOC4i+C4hOC5jOC5gOC4quC4ouC4l+C5ieC4suC4ouC5gOC4geC5i+C4hyDguKPguYjguLLguIfguJ7guLjguYjguIfguJfguLDguKXguLjguIHguKPguLDguIjguIHguKvguKXguLHguIct4Lit4Liy4LiB4Liy4Lij4Liq4Liy4Lir4Lix4LiqICjguKHguLXguITguKXguLTguJspIiwidGRfdXJsIjoiaHR0cHM6Ly9oaWxpZ2h0LmthcG9vay5jb20vdmlldy8xMjIxMTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGlsaWdodC5rYXBvb2suY29tIiwidGRfcGF0aCI6Ii92aWV3LzEyMjExMiIsInRkX3JlZmVycmVyIjoiaHR0cDovL3VjcWVtZ2dkLnNoZW1yb2NraWRkaWVzLmNvbS8iLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImRkN2VlMjkzLWFkZWUtNGRhMi1iOGY2LWZlZmQ5ZTVhNWJkNSIsImNvbW1vbl9jYXRlZ29yeSI6InRyaXAiLCJjYXRlZ29yeSI6IuC4guC5iOC4suC4p+C4reC4uOC4muC4seC4leC4tOC5gOC4q+C4leC4uCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1625583388077
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK log.gif
r.popin.cc/ Frame F43A 35 B
308 B 1066ms
262ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-th&uid=091e9f45569ceb451a91625576186347&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F122112&t=1625583388077
Requested by: Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 14:56:29 GMT
Last-Modified: Tue, 10 Sep 2019 08:21:36 GMT
Server: nginx
ETag: "5d775d10-23"
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2855 42 B
518 B 64ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumbPZGRplUxPflEqA3B8AWxhwzWHeIOljVBihgR4UZXMW4ayj2RTf7-7tCcSq7R3C6Ius9LaA4lDV9eCozSmydxXflGrAsaXNv5mjUM9V9YgeTReRz&sig=Cg0ArKJSzJIaPSlul-9aEAE&id=lidar2&mcvt=1066&p=624,1069,874,1369&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20210702&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3445020646&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1625583386567&rpt=453&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 18 KB
18 KB 628ms
628ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m1.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-4630"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 17968
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 68B8 0
0 59ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNNnqafKQ252zpFAcCzEzS2eGfACSS_1Ewrd3UpDI4_TVHwUfe8N0NdLRlpIj5kffGEvWbZLDbPTasCWfHF6q7OW_K8LfkSDtNKwxZvMHWNh2mjNR0n8i_9_AWyLnictofYDMGn-saFL4p3yhwOJWUoqMU8wX_w-beMEymaP_7cm-1L4CQdsUJu--nfvM8fgTGhkALA9ADpLPAeyP9BeGpBRoZv-aRcns9QOEBE3Tk-3TEjidfifQmP0JWH7GiclR9rAXo5Bi4Nh8PdHh3VpihhNk20WUSubkG16Y84xPd4IQ9bhMNwff5Eg_fuLVOF2s&sig=Cg0ArKJSzIRjP1CcL1ikEAE&urlfix=1&adurl=

Requested by

Host: ucqemggd.shemrockiddies.com
URL: http://ucqemggd.shemrockiddies.com/gk0607/0-1yczsewon.aspx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 68B8 236 KB
63 KB 21ms
20ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 06 Jul 2021 15:11:28 GMT

GET
H2 200 300x250.js Show response
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame 68B8 25 KB
6 KB 652ms
651ms Script
application/javascript 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 12:17:35 GMT
etag: W/"5ef9dbdf-65d2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68B8 123 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225346277716"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37896
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA4E 72 KB
27 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4a89afd48453d83067f4f59988766d5bded647ac8e316bbb5fe7572bbce06c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625225358082386"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27725
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA4E 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d91a78247817702d44fab0e2df9d71e393a70bfa2287cff02cc945f73fb4bfb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7948
x-xss-protection: 0

GET
H2 200 m1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 18 KB
18 KB 615ms
615ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m1.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-4630"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 17968
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA4E 17 KB
6 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js?31061751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H2 200 free.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 6 KB
6 KB 584ms
583ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/free.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1815"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6165
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ Frame F43A 17 B
184 B 73ms
19ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://hilight.kapook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9E78 12 KB
5 KB 14ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 06 Jul 2021 14:30:24 GMT
expires: Wed, 06 Jul 2022 14:30:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF09 783 B
779 B 20ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

023ff83a84fc0d32ed0131a2b9e76605a513d9b70abc173196874b661c11a7a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Di1BrCOgs6nYqwfQtRycJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

expires: Tue, 06 Jul 2021 14:56:28 GMT
date: Tue, 06 Jul 2021 14:56:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Di1BrCOgs6nYqwfQtRycJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E78 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13206
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 01:34:03 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0559 0
128 B 22ms
20ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A00 42 B
64 B 54ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiDxZ6N53LFsFktEJNsur62JianSTVT5_nWntMvxuafig4Za1Pfy6C_Sd33fze7fzLdWGvIyMNn5sau84-to1WAKDcIIdc0SBpdgeMO2gi7YV34iXJ&sig=Cg0ArKJSzHw-zDFUutH1EAE&id=lidar2&mcvt=1009&p=342,315,592,1285&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210702&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=4208516631&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1625583386604&dlt=222&rpt=842&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA4E 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021070101&jk=3023381392948440&bg=!ubqluv7NAAbV4AdB1eA7ACkAdvg8Wq-11hgimSUebJ7yLRot1VLBQNXIr-IrrD_NmcfRjpQ6s5Z3_wIAAAEHUgAAAAxoAQeZAre0HG5Kj7sBCaruRIUJCAa75Spnr4jw3OCeXFm2ogQuuwPEDIk0CDJbhxDAVEkfaPcDMEZiRM5nzE4dnZlD7oew4V2CNe2FCL-HgUho9Q9zImntBbW3LyDz2G85TX5bNY73k7qvfd-ISO7uV3uKDRXtq4uLi9EMzyc4SWxKh4Um54BkKtUrKWgE7hqFT-AL5wvM6qNPAHZ8ls9PN1ku17NRZXhanZG6TAfLHeJUW3H7TU3ZytwYRf3PgjN7QG9fP5n31Z4H3J-1vPa3uF46kMmvP-wpJugmBaAd3UkhDpxJligpoWNSfAmt7vddLVmwIoFaHBE-smDySBR0IdJ_seH1FhdfNIeg3ApCeSmARYOMnOMFhGI3bfyWYxeEwH7Qmz7VZbQyru59neH5Z-PghvYPi9yMFH9_azk1CUZ6jnDIDZkLCwkYe_rfBG_UfshNLenpMbCCV5nWWC_8CFFJcrX5JuPkvkOsjBKU_KCbFg5oVgF2eRw6Ln8kRGAf3NeCtuqMLG3sbJ7OpSR_OvzGwV7S1sQaVOsq_RpsngrIQq32cdryVf_9dHbyEcXbTrGUxJtP7oPPgLA6fH_sPB4U72IEpj3jv9IJLspr5YtLKxGvUJQqcjov2VfNSjEf6FgdbJOOtypPAHi38SU76Ceg_HVmD2VIqXWCbAfK5GnD-1ZUF9uTAOGDKJ42a9GaJpjVA0U485syQd4QstB4sxdDqRC6krgUJu6ENCJpV9isrpmYRmVFA7PUk8rKirLDd_AZ4nk8k0qtXxLSsqy_w8u1jPJS80c8xCwQqFO1YYGgC0pobD4JYcgCRugjlUB_ocj3AG2Cq-Nrc5Jtv1g_vBRbX6_hWm4ewxDeXiHxYU_klIdq2vM1a-lN26OA52ifczsz1ZLA8EBVaqlPaDcMzwp96t3qC4sC4s1a9Q

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA4E 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv68q5otk0333FTDUw04h39Ah-7YqrpQnbwUgrIEEoG9YtrALpE-9E-E7n0jm5tTnw8ATwzgN0bjfbiMDvhurFv_NGwLfUrCVd9PMJj4sA2hcjuuwLQ&sig=Cg0ArKJSzExIRTENTwkrEAE&id=lidar2&mcvt=1000&p=952,1069,1202,1369&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210702&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=19&adk=719977154&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1625583386569&rpt=786&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 68B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2011f49f16b91594b91e50a89e09f570f8b2ca488eacf7047644df3766d448b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 16 KB
17 KB 465ms
465ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/Bitmap1.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:28 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-40fd"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 16637
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 68B8 0
0 59ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZc8k0jlwqR5OuAeIIGYNgGa8ektW-8D6bTKpVZHGUMSaPhZ0jC4y2_DfrzAHX2BBhHUvweuZAmL8VIIzPy9QOlDsU288RCODq1lH-9NqYpgBihnldVhgk8CMMBRxgT3ziC-NAnaQ93WaIFPE5YLflKZEz57s-2Xhrb0wLmbbU-2r6aYHln8pdbyKzTNaLfcoNGrc2hNXO8K-4pVx-S7DK5iJO3ObVRDpxAyT1AlH2PZXxI-rLHb_I5Q9BrdIugbb9SW1S8QhhqkgHJrHH90ch7ZbJqfnagH5rK1AJWnU6S1qx_bZryuSuKEiwdF3_rg9aPQ&sig=Cg0ArKJSzNLUt6WQ88piEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 06 Jul 2021 14:56:28 GMT

GET
H2 200 m1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 18 KB
18 KB 429ms
428ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m1.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-4630"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 17968
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 1 KB
2 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m2.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-576"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1398
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 1 KB
2 KB 382ms
381ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m2.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-576"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1398
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 button.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 8 KB
8 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/button.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1f17"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7959
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 1 KB
2 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m2.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-576"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1398
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 7 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m3.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1be7"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7143
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 7 KB
7 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m3.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1be7"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7143
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 customer.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 10 KB
10 KB 231ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/customer.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-26c0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9920
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 7 KB
7 KB 231ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m3.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1be7"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7143
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m4.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 7 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m4.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1b32"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6962
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m4.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 7 KB
7 KB 235ms
234ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m4.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1b32"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6962
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 free.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 6 KB
6 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/free.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1815"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6165
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 m4.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 7 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m4.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1b32"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6962
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H2 200 money.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 7 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/money.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:29 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1af0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6896
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:29 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 68B8 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzTqBigGGW5OTMuZXtUn0T1EZbOCLcQ5rFCsJWHAdpAEgnT2t7QTOQK3RtzPS_qOZZe-0oRovjc64_1ckcgMyQJlLtegnF7nPl4liCkIMNMK-4CQ5S&sig=Cg0ArKJSzCS4IJxZwBQkEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210702&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=19&adk=999895451&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1625583388136&rpt=746&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 money.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 7 KB
7 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/money.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1af0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6896
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 m1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 18 KB
18 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m1.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-4630"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 17968
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 money.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 7 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/money.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1af0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6896
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 5 KB
5 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t1.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-142a"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5162
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 5 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t1.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-142a"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5162
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 m2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 1 KB
2 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m2.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-576"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1398
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 5 KB
5 KB 229ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t1.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-142a"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5162
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 6 KB
7 KB 233ms
233ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t2.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-19b1"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6577
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 6 KB
7 KB 229ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t2.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-19b1"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6577
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 m3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 7 KB
7 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m3.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1be7"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7143
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 6 KB
7 KB 230ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t2.png?1593422211679

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-19b1"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6577
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 2855 4 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t3.png?1593430650587

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1107"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4359
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame FD6D 4 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t3.png?1593426663506

Requested by

Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/122112

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:41:25 GMT
etag: "5ef9d365-1107"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4359
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 fontface.css
my.kapook.com/fonts/kittithada_roman/ Frame F43A 387 B
762 B 231ms
230ms Stylesheet
text/css 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.kapook.com/fonts/kittithada_roman/fontface.css

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Thu, 24 Jan 2019 03:24:26 GMT
etag: "5c492fea-183"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Accept,Content-Type, Origin
content-length: 387
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H3-29 200 icon
fonts.googleapis.com/ Frame F43A 568 B
365 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: my.kapook.com
URL: https://my.kapook.com/jquery/tag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 14:56:30 GMT
server: ESF
date: Tue, 06 Jul 2021 14:56:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Jul 2021 14:56:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F43A 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c67c84d38fe1d8b502cc594065c9949fcf873f52ddc8ee3fbb431edd9828098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 06 Jul 2021 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0

GET
H2 200 m4.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 7 KB
7 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/m4.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1b32"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6962
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

GET
H2 200 t3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 1A00 4 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t3.png?1593422211679

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
last-modified: Mon, 29 Jun 2020 11:40:16 GMT
etag: "5ef9d320-1107"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4359
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:30 GMT

POST
H2 200 popular-query Show response
connect.thelead.tech/personalize/ Frame F43A 2 KB
886 B 224ms
224ms XHR
application/json 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/personalize/popular-query

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

nginx/1.19.2 /

Resource Hash

eff758662bb912f0614d95b63abdbeecdb9c9c7132633cf138ce763946ccbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jul 2021 14:56:30 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
server: nginx/1.19.2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F43A 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 06 Jul 2021 14:56:30 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B153 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 06 Jul 2021 14:30:24 GMT
expires: Wed, 06 Jul 2022 14:30:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81CD 783 B
531 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebafbbd95dbc22a4351d2f9c3e801cee885af7a1fb8e91fd38635203ce9c80f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MytKk70E44eMpenKiB8elQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hilight.kapook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hilight.kapook.com/

Response headers

expires: Tue, 06 Jul 2021 14:56:30 GMT
date: Tue, 06 Jul 2021 14:56:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MytKk70E44eMpenKiB8elQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js Show response
pagead2.googlesyndication.com/bg/ Frame B153 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13206
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 01:34:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F43A 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021063001&jk=1994118335866282&bg=!iYqlis7NAAbV4AdB1eA7ACkAdvg8WhwFtLvZw1hG1hi_zPPKYQ8hXyYfQF7_5y2tqZVbclZjstVp5AIAAABwUgAAAAxoAQcKAJqFtlRBGe04wgQU_eMyVtY3gvGX6uaVaIw4QO6FrCDxFN408Qjgk5uJcExJ78e7vKNdcpS5ASJfJm27WvTj8FEEncKRkS23snbVRlCXK0hZdutIMuj23R6TVmADFkkQwHXb6D9qenu_V5_oZcwqAeQeExZYUUSPuTYom9CEKfn1_NMPuKD9rYbbmYYJGyulI3w8tJ_Twwl82wYxmQKotuyXKetLPY2qtrg6bfN4HW05PysECecTbOCQPaJczOGwkT3_8J3N2yfTwr9FTlxgZOcyQ6RTICFxg_9FpcHQgspn_8TKnbxUoBZefREFI9ChkzX6dkGssTyBLsNH6NXSvDGEIIebeLFgTHuLmlXco2D7ZO0DF8fAwifZ_aDqL6NxrVZ3x8HeU-F_QVtxHDLgKEotxHr0vOIkcswvtq0XSVKZDcZ7Z2BIqvgzJQVqWqNF-2ZIoCc4l19lZS-8ba0FvybH2CMmwxihhC2ynlOgEOzesR0P_gVIcgk4tnJhVtUQWxMEh_xl8o2iWwiwLJNDhQxDLoVPsnzoLdi2oc4pPfJZ1C--oAE62XORb3fVYvJ21Z6v5KMSfeUHCRG2L5NrKkibfsau8GhO3oQFTcDJsc5AUP4LJhQLK8TYiIF8njA_2keOJiA2Tuj1GwkydAn1rh7NCGX3IuY2j2QaVBzGytsiojSqgHnqgiWLSvAwsi29aS-NO-nYITTgqAz-Ydwy_GII42BG9hNsIBwgHUHksxNfO5txP7kXqfxmiXiGxgiW-8GyxS7flUaUZjFIYVTZ3oyhASEkybRUmc7plHIWAqzv8O_eAy-6vGCvBBHOOkNZHBxcFzQj-QKiya2ShsMh4hhmo3iDuUKXt51EZvvRFJ4kc5dKGHs0m0bztGxbOohkHjx4zM36sTBRPl9i1-w4lQWWtwOOkDQ4GsQZYSrNEgzPAjUFd8rBczmkWAaZ85V2CDqoDkvMXermJ9f9QpE1s34Lr7PQA3HfI5cP-qUvc8vdd7JTIyEw0KyTsyTf0UWkUCVaVjPeWekV9IGYtH_Ow01nTjHNHbB8xcAReGkzZetW0POOoFoljhaHLFBKrM6MnIGrAm8tSikNFGsRb6ZP-fA5vmfEP18

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Jul 2021 14:56:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 214614-new-472528.jpg
hilight.kapook.com/r/380/auto/image_fb/43/ Frame F43A 61 KB
61 KB 233ms
231ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/r/380/auto/image_fb/43/214614-new-472528.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: f52acd5b89ddad4ce6c964928d9f10fbab01c406940c80e2043081a5bceaf377

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Tue, 06 Jul 2021 08:53:59 GMT
accept-ranges: bytes
etag: "60e41a27-f3ad"
content-length: 62381
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 10671a02-bc5f-4ccb-9ddf-79be93ad37c6.jpg
s359.kapook.com/r/380/auto/pagebuilder/ Frame F43A 21 KB
22 KB 911ms
444ms Image
image/jpeg 202.183.165.85
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s359.kapook.com/r/380/auto/pagebuilder/10671a02-bc5f-4ccb-9ddf-79be93ad37c6.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 202.183.165.85 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS: p211-nasbkkST3.C.csloxinfo.net
Software: /
Resource Hash: 7b0b420c40f63c628c07d780b17a5dd656afe6a018fbdb6779f94d986ec94b39

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Tue, 06 Jul 2021 11:42:55 GMT
etag: "60e441bf-55eb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, private, must-revalidate
accept-ranges: bytes
content-length: 21995
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:31 GMT

GET
H2 200 214618-new-559204.jpg
hilight.kapook.com/r/380/auto/image_fb/43/ Frame F43A 51 KB
51 KB 231ms
230ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/r/380/auto/image_fb/43/214618-new-559204.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 2e74df8d5b03e718f793c78a7611354ad19c76f373fa3442be8522ba10a27a19

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Tue, 06 Jul 2021 09:44:42 GMT
accept-ranges: bytes
etag: "60e4260a-cc8b"
content-length: 52363
kp-cache-status: HIT
content-type: image/jpeg

GET
H2 200 214597-new-919509.jpg
hilight.kapook.com/r/380/auto/image_fb/43/ Frame F43A 73 KB
73 KB 233ms
233ms Image
image/jpeg 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hilight.kapook.com/r/380/auto/image_fb/43/214597-new-919509.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software: /
Resource Hash: 7bfd2f3b0417ca12e4a81216650d1234d714fdb3050e3692335ae3235535179f

Request headers

Referer: https://hilight.kapook.com/view/122112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Tue, 06 Jul 2021 03:51:11 GMT
accept-ranges: bytes
etag: "60e3d32f-124e6"
content-length: 74982
kp-cache-status: EXPIRED
content-type: image/jpeg

GET
H2 200 money.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 7 KB
7 KB 275ms
275ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/money.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1af0"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6896
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:31 GMT

GET
H2 200 t1.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 5 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t1.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-142a"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5162
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:31 GMT

GET
H2 200 t2.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 6 KB
7 KB 231ms
230ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t2.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-19b1"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6577
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:31 GMT

GET
H2 200 t3.png
i.kapook.com/gorralit/kapookmarket1/300x250/images/ Frame 68B8 4 KB
5 KB 230ms
229ms Image
image/png 27.254.43.247
CSLOX-IDC-AS-AP C...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.kapook.com/gorralit/kapookmarket1/300x250/images/t3.png?1593430650587

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

27.254.43.247 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),

Reverse DNS

Software

Resource Hash

8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 14:56:31 GMT
last-modified: Mon, 29 Jun 2020 11:42:07 GMT
etag: "5ef9d38f-1107"
access-control-allow-methods: GET,POST,DELETE,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4359
kp-cache-status: HIT
expires: Tue, 13 Jul 2021 14:56:31 GMT

POST
H2 200 post Show response
connect.thelead.tech/event/ Frame F43A 46 B
207 B 225ms
225ms XHR
application/json 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/post

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

nginx/1.19.2 /

Resource Hash

016aafadc5f895818fcc594ae897f12c67efeb2ac8581f1f53fd760fb51317ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jul 2021 14:56:31 GMT
vary: Origin
server: nginx/1.19.2
content-length: 46
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

POST
H2 200 post Show response
connect.thelead.tech/event/ Frame F43A 46 B
207 B 230ms
230ms XHR
application/json 202.183.165.228
CSLOXINFO-AS-AP C...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.thelead.tech/event/post

Requested by

Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.183.165.228 , Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),

Reverse DNS

p354-nasbkkST3.C.csloxinfo.net

Software

nginx/1.19.2 /

Resource Hash

b7ec199d7b115effe85195b71f8df49689c170abebaff8a306ed9cd0d48aabdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hilight.kapook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Jul 2021 14:56:31 GMT
vary: Origin
server: nginx/1.19.2
content-length: 46
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 21:42:39	Name: pux Value: 1512%3D100911%262249%3D100911%262307%3D100911%262974%3D100911%263778%3D100911%262249-DV360-Hosted%3D100911%26idl%3D100911%26brx%3D100911%26
.rubiconproject.com/	1970-01-19 19:33:57	Name: vis15 Value: 330930^1
.rubiconproject.com/	1970-01-19 19:33:57	Name: ses15 Value: 330930^1
.bidr.io/	1970-01-20 05:01:36	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-19 21:42:39	Name: KADUSERCOOKIE Value: F75F9305-09C1-416C-A605-43646CEDDC16
.adform.net/	1970-01-19 20:17:41	Name: C Value: 1
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_279 Value: 22890-56f0e752-de6a-11eb-98c1-f311d18549d8&KRTB&23011-56f0e752-de6a-11eb-98c1-f311d18549d8
.shemrockiddies.com/	1970-01-19 19:34:29	Name: _gid Value: GA1.2.639414799.1625583383
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_218 Value: 22978-YORvGgACkXaeOgA4&KRTB&23194-YORvGgACkXaeOgA4&KRTB&23209-YORvGgACkXaeOgA4&KRTB&23244-YORvGgACkXaeOgA4
.pubmatic.com/	1970-01-19 20:16:15	Name: PugT Value: 1625583390
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_377 Value: 6810-111a7cf2-c531-49de-bae7-c516c96b3819&KRTB&22918-111a7cf2-c531-49de-bae7-c516c96b3819&KRTB&23031-111a7cf2-c531-49de-bae7-c516c96b3819
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_27 Value: 16735-uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&KRTB&16736-uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&KRTB&23019-uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24&KRTB&23114-uid:05a060e4-6f1a-4b00-9bec-82bf4b8f2c24
.adform.net/	1970-01-19 20:59:27	Name: uid Value: 8841190337075136926
.pubmatic.com/	1970-01-19 21:42:39	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 21:42:39	Name: KRTBCOOKIE_466 Value: 16530-62649fb2-6671-4eb1-9e60-f7076ea3c504
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_57 Value: 22776-2851905031281157622
.pubmatic.com/	1970-01-19 21:42:39	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 21:42:39	Name: SyncRTB3 Value: 1626739200%3A54_166_178_220_104_7_55_13_22_3_165_48_231_21_71%7C1626134400%3A223_15_2%7C1626825600%3A35%7C1626393600%3A63
.shemrockiddies.com/	1970-01-19 19:33:03	Name: _gat_gtag_UA_116306602_1 Value: 1
.pubmatic.com/	1970-01-19 21:42:39	Name: DPSync3 Value: 1626134400%3A164%7C1625616000%3A174%7C1626739200%3A197_201
.pubmatic.com/	1970-01-19 20:16:15	Name: SPugT Value: 1625583388
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_22 Value: 14911-7433541427833917502
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_52 Value: 22772-R1B341_DFCC9C69_AE034A1F&KRTB&23092-R1B341_DFCC9C69_AE034A1F
.rubiconproject.com/	1970-01-20 04:18:39	Name: audit Value: 1\|hLZGFuTafB347KLee3vsLG2GJI/YgkPnRp//jvY/jKWZD3odGsRZlP8MgMWYBfwz+QsoEQ6kzz7gcRgjl6EitSf0fhbrAYas3OlDu/ORdD8=
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY+NyLgp5lhZ/St03M8TvrwOw51wYv5J2jhQaqUZdWKiY+fGXPxtjmvETb3SijGM3W9Ggv+olMKg21epF9zPvGLCx8hzG7GXPQDU6uTSg==
hilight.kapook.com/	1970-01-20 04:18:39	Name: uuid Value: 35FEBB5A-9855-4F55-82E1-7B34E8FC1276
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_80 Value: 22987-CAESEKJNJPlEG3Qi4UhN1sjoyu4&KRTB&16514-CAESEKJNJPlEG3Qi4UhN1sjoyu4&KRTB&23025-CAESEKJNJPlEG3Qi4UhN1sjoyu4
.pubmatic.com/	1970-01-19 20:16:15	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.rubiconproject.com/	1970-01-20 04:18:39	Name: khaos Value: KQS6DL50-28-LWUH
.bidr.io/	1970-01-20 05:01:36	Name: bito Value: AABv107ByN4AADXHHSShXw
.shemrockiddies.com/	1970-01-20 13:04:15	Name: _ga Value: GA1.2.881526209.1625583383

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://hilight.kapook.com/view/122112(Line 791) Message: daily-cpe off 5
console-api	log	URL: https://hilight.kapook.com/view/122112(Line 792) Message: false
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://my.kapook.com/jquery/jquery.fbbutton.js(Line 110) Message: count share 13451
console-api	log	URL: https://my.kapook.com/signin_2020/js/signin-drt.js(Line 86) Message: mycookie login
console-api	log	URL: https://hilight.kapook.com/view/122112(Line 153) Message: slot fix div-gpt-ad-1538553140196-0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4e401fa095cf543f1b9d7ebaaf55bdd1.safeframe.googlesyndication.com
ad.turn.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.be
adservice.google.com
adservice.google.de
api-center.kapook.com
api.dmcdn.net
api.popin.cc
api.pxl.dailymotion.com
api.rlcdn.com
as.innity.com
avd.innity.com
avd.innity.net
beacon-fra2.rubiconproject.com
c1.adform.net
cacheportal.kapook.com
cdn.bluebillywig.com
cdn.jsdelivr.net
cdn.thelead.tech
cm.adgrx.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
connect.thelead.tech
dis.criteo.com
eus.rubiconproject.com
event.clientgear.com
fd9c939032aef75f368e139087e3aace.safeframe.googlesyndication.com
fonts.googleapis.com
football.kapook.com
graph.facebook.com
gum.criteo.com
hbopenbid.pubmatic.com
hilight.kapook.com
i.kapook.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imagehwc.popin.cc
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
lvs.truehits.in.th
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
my.kapook.com
pagead2.googlesyndication.com
pebed.dm-event.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pmp.mxptint.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pubmatic.mainroll.com
r.popin.cc
rtb.adentifi.com
s0.2mdn.net
s359.kapook.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
ssl-avd.innity.net
static.xx.fbcdn.net
stats.mainroll.com
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
t.pubmatic.com
th.popin.cc
token.rubiconproject.com
tpc.googlesyndication.com
ucqemggd.shemrockiddies.com
um.simpli.fi
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.kapook.com
x.bidswitch.net
104.109.78.125
104.111.224.62
119.63.193.220
119.63.197.150
119.63.198.143
119.63.198.172
119.63.198.188
119.81.216.16
13.224.193.108
13.224.193.12
13.248.242.197
142.250.181.226
149.129.240.178
149.28.140.151
151.101.114.49
152.228.227.62
163.171.128.148
169.197.150.8
169.50.137.190
172.217.23.98
178.250.0.163
178.250.2.146
178.79.227.76
18.156.0.31
185.29.133.199
185.33.220.145
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.226
185.64.190.80
188.65.124.59
188.65.124.90
2.18.233.180
2.19.35.65
2001:678:cb4:bbbb::11
202.183.165.226
202.183.165.228
202.183.165.85
203.151.144.214
204.2.255.233
2600:9000:2156:7a00:1d:47ad:2280:93a1
2602:803:c004:200::152
27.254.43.243
27.254.43.247
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a02:2638::1c
2a02:26f0:6c00::210:ba1a
2a02:fa8:8806:13::1400
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42:3::485
3.220.135.169
34.120.133.55
34.246.39.97
35.244.174.68
37.157.6.242
47.252.78.131
52.205.83.58
52.207.62.93
52.48.137.92
52.58.55.232
63.251.232.170
66.155.71.25
69.173.144.138
69.173.144.139
69.173.144.141
016aafadc5f895818fcc594ae897f12c67efeb2ac8581f1f53fd760fb51317ef
023ff83a84fc0d32ed0131a2b9e76605a513d9b70abc173196874b661c11a7a7
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
07d5f877fd8af54f4fb1e1a562af64fdeba316d4b6e69a6d1aa6412c085f61da
0829ac43b09c9a9cfe273be88bf9afaf03db7837cff62366b371938f3dbd93b6
08a0d5ca25d877c9468ac0c090ade201aa7216d1cc8d780b34a77530507de330
0a12e287eb1b5d6a9739c18b362816759fe9f91d607fa467a4730ceee39557c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
0eebe3c1ad9f854f7eeb6777dea27bd3723068a5becb796607602196c433cfc7
0f77f1d0086aef2cf6ffc35c9a4d61f6a71d3768673948099af17fe93fa3bc45
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e4e209a85c75e0d723c863f998aba93b2ded69eef16cf026b8be6d0d7bab00
149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4
1550949b2a901cd629815ff2381cb66aff9c68215acc77ddfab44dab4ba9e373
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a64c6a2497c7c6e1eeb1d1e58ddd9d460d99ef5c45bace3f3fe672402d6ee65
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
2011f49f16b91594b91e50a89e09f570f8b2ca488eacf7047644df3766d448b5
20d0be66a529cbed9e874705a9e0c952779435ce77f2487051a1c58cab452f9d
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
22960b6325e3fc25c9ab5514e6d41773c5099adf5b9badb8f98ab8a4fa50b0e3
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
26b5858140b60b994049fd6a6a6d800a2e8fbfec1de9605aa8e2232356b5f117
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
288f6e8c235a885732fe11fbb164377baa2a8571f7bb7d589cd575e1e1873031
2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cd0bc9326bfb92a5f14dbb463d4a4bb4e2181aeda009d885ef5321f6065e3a6
2de3d37538d5f8e3d9fa1678dc15bd6a61063b444484b7ffd7cd6a9eca461c43
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e74df8d5b03e718f793c78a7611354ad19c76f373fa3442be8522ba10a27a19
2f0bc02d973e6e4e3ef63d0271525fd2899205370d17414a937e370c8a8baf39
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
31d5de9f89761c8826e128c58217504766cfb67e2c44b4a7e996ff40e8605ff7
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
36c54d119c4dac44eaa992a8992a11268140fca91322ac51b4413c39fa5f4189
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
3dcc234e328ebc4a0f55f89a38b103af33f0dc227d1257b2e5ec0d173886d0e9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0
41ee125b6143123e6dc10a89cc47d18926112931504697148b58a183067cbd39
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
475c3c0cdfaf37d4e790a56f01f674b1fb518e8af12069a1a7370871dd17a78b
477eec233ceefe3c2b65025b45bea43a5d932066192d2e247e15a25c7801d2e4
47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
4c67c84d38fe1d8b502cc594065c9949fcf873f52ddc8ee3fbb431edd9828098
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ffabbd96e2fc8c41e2357ed464532d3f8430a7bd6ef19be5a8683989b992a89
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
54aef7069606cc097635e87c6a93faf64bd5abeb9be44e7f0ea66815bb4bcf7e
554bd0321fddc3a9f62fb0dea40cc6603f7b315a9bec1ee578fb614a47c217cb
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
58c108b0b7425f99e28785064ce0115cbf054aeca694841ab23498bceaa6304c
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
5c3cce8b8b874c74b9689d26608f7ca173bbf1982a809be6ee9670ebb9c38824
5c53c5edc42ac6fa5434fe633999ddceafdd508bfebbe5715a8c0a604e676dfc
5d83682d408b8a5341dccb1e99215ef987833d80b13f28c2e19b91e1c4ea3df3
5e7b018ebac6543fb47d79b97dde5dc7cf5ab5638d53a1c6bcefdf5bcb5b7797
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
6294eb822b5c5671148e911684409051ae7016f16fa5825797dbaa17f69d6d02
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf66dfe6d3fe08050c95a346b87c6336b3e9804508bd2c45b208f425f719d19
6d43cc5b6c13952e25e7aa74ebe31175c9bc1f74219e962e2ba16c2f6c631c8a
6e0e1b5cfe8bc2eccda9ebaa128585a892a37c3987b4c659414819fd3e921a3b
6ff7ba0f826e15f429fd80aeeb81b3d38d0327b974444f036669caa6163a8cc2
719b1af2893ff975889a82445ec4cfed41ad7e9180b7ab72cc465e7561f651bd
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e49d94d67ea6c5c05ce7dad75aa33c8345cd32ca13a328a95035682e12018b
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
771912bed15be8133c5c30a277e41fc160de85b19c6ace465ed6f9fe4dbdd052
773b5f1cf4060a8320e999f9fc507ffd1fc39e60cc477208ceb81a231e9341ee
77817d282bcbc2fca4913baa503677fe2ddc535198b262160f5ee63b4769716f
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
7b0b420c40f63c628c07d780b17a5dd656afe6a018fbdb6779f94d986ec94b39
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
7b78a69e24f364d4ea2d27531fc5861fd8d96f42db15f5f3a44bb73216a299af
7bfd2f3b0417ca12e4a81216650d1234d714fdb3050e3692335ae3235535179f
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
7fc05c656ae179292fd84fad3fc774a2ad0ddec146c58dfd6ec7825bf3279c89
7ff4ad5f791e76df0cdc0b00c109ef3e2cc952982be33a56cf2a1bb73fa8a229
80eb8a913c7b9d4ed917690e28a2b708d5101032787fdb7c1b003b03b2ca6e8b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
87967d55d6cfe0b0cdd78fc9295fc9f6255bb2f8eafc994abc3fcfab327457e1
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
8b73f79f43166ba34b6ce483b0fc63141fb9b53a5a1232631b3343953567734d
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
8cb6badef6f37526039371081da97ac1ee803d2c310b47dfb38ed53256d25099
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92929f05dc49f9f17e9e9e3853393180471a286f71c45524cdf3178e898e92d1
960d0efe28a870c7345667cb4d7daee0d9aea65ae439445a8e20febb1cd4b6c1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990361213a788f276de016ed7f9f42e96c2a4d91bb97bb59acf026ea9cbf4d56
99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240
9ae05bba748b3507430a6cf2fbf128320033c2dd8ce17bed8f85bcedf6a6abd6
9ae8b72c791fcc43fe1bc024947755c4616dfc2e1e4b8f8fcdd1797211e8a19e
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
9ddda23179d75bf5090b03b5ca00786004a82b54dd9346599aa9eece613c9ed5
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
a0663e47416841962f8767d6a268d034ea2dbfa2af743340254c95aaeb9794c3
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a969a9b32705092663a8c9019ac9835cf93fff0d525457961e309bf04dba1424
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
ab9eedd8e256a293a36a04146cc316aa5ab098734ae2c72bdd04201479faa4f7
ad1c5a5d967afa5be6fc81e20c24fbcbfce88bea3e8dc948d6cdfa6622c840bd
ad50eece40f0621eb5cafa828ded1536c5dee2ec8776470de3b62a49aa2eea4b
af5a35708a776c4c51024ec463b3d21d04b1007cfc8286309c13ded97a4119e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1879e8ade5a1c169209e1c9d36e54db19ee13adacb36a489dc6204699da308a
b219f9b8008f1488930e2eab3e7bbf6c4410858124792316ec696a35138d1591
b383e84b0e8607042d7d5ad553927915eada5e27451a3028817e65007eec308e
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
b675b83751a023cb79fde79c76075abd5ab443bbbbc7bdbec2e6e823f1ca5824
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
b7ec199d7b115effe85195b71f8df49689c170abebaff8a306ed9cd0d48aabdb
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
bcb3acf087e6b852649f3a4f2129a21f83c4aca41177681a3709596900a10f9e
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
beb1eb290dc95e73d9346fa7bc87a4b272f875740f39753849543e7d65b260b4
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
c4a89afd48453d83067f4f59988766d5bded647ac8e316bbb5fe7572bbce06c2
c64ee951da40891dbccc7776f9abe5c58738c4a0c57bc5a01dd7161dbd430a68
c8cedddc55b1783916b5d2baa40491a8726ed68a6a04651a6b283c38e01a89b7
cb7c93f29ddebf3dd503acd39fef1ef3a086868a346e1236dee05fbc5fc57df0
cbfb81dcdf1039f1a14a693ec04741446f587cb8bd6193da1ecf01aa0f28e12f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d91a78247817702d44fab0e2df9d71e393a70bfa2287cff02cc945f73fb4bfb4
dbe0dcee665cb5c72fac087ef2893dd7ae05cd88115e62874c7f5ce8f4879f38
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e722ae42174ea606dabbf73ba46d5858302a53dc4409688d01eccdbeacbba543
e80a7779750a3ac7ed483f5432e59cbae4a9cd4bdd9bbc4d61de080ff3fe7268
e82f708323b9e54731ed876cae455d832d30dff114df2bfc637fe149c1e95ec9
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
e9eb8b1cfad7247c194a52f15bc062ca5da020a3f8027a953cbe63e620670832
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
ebafbbd95dbc22a4351d2f9c3e801cee885af7a1fb8e91fd38635203ce9c80f1
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff758662bb912f0614d95b63abdbeecdb9c9c7132633cf138ce763946ccbf7b
f2a2056b7a1c989899886a9b194e93912b7d11767239e956de73d5c2ea237b32
f52acd5b89ddad4ce6c964928d9f10fbab01c406940c80e2043081a5bceaf377
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71

ucqemggd.shemrockiddies.com Open in urlscan Pro 149.28.140.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

306 Requests

100 %HTTPS

32 %IPv6

53 Domains

93 Subdomains

77 IPs

11 Countries

6021 kBTransfer

13071 kBSize

31 Cookies

0 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ucqemggd.shemrockiddies.com Open in urlscan Pro
149.28.140.151 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

100 %
HTTPS

32 %
IPv6

53
Domains

93
Subdomains

77
IPs

11
Countries

6021 kB
Transfer

13071 kB
Size

31
Cookies

306 HTTP transactions
5 data transactions