www.tourismcambodia.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tourismcambodia.com/
Submission: On May 13 via manual (May 13th 2023, 10:25:07 am UTC) from US — Scanned from NL

Summary HTTP 113 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 18 domains to perform 113 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tourismcambodia.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2023. Valid for: a year.

This is the only time www.tourismcambodia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 11	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.121.118 13.32.121.118	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	188.42.198.44 188.42.198.44	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:677	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
8	13.224.189.27 13.224.189.27	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 16	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4002:c02::5e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:ff0:1234... 2a00:ff0:1234:3::d	41494 (ASOCIATIA...) (ASOCIATIA-INTERLAN InterLAN Services)
113	28

17 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tourismcambodia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pcontrol.tourismcambodia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.tourismcambodia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.255.224.36 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

tp.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suggest.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-118.fra60.r.cloudfront.net

widget.camboticket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.198.44 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:677 (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.189.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-27.fra2.r.cloudfront.net

api.camboticket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c02::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ff0:1234:3::d (Romania)

ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO)

r2---sn-pouxga5o-vu2s.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	508 KB
17	tourismcambodia.com www.tourismcambodia.com pcontrol.tourismcambodia.com m.tourismcambodia.com	836 KB
14	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com csi.gstatic.com	260 KB
9	camboticket.com widget.camboticket.com api.camboticket.com	407 KB
9	google.com cse.google.com — Cisco Umbrella Rank: 3046 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83 clients1.google.com — Cisco Umbrella Rank: 459	380 KB
9	travelpayouts.com 1 redirects www.travelpayouts.com — Cisco Umbrella Rank: 159421 travelpayouts.com — Cisco Umbrella Rank: 119179 suggest.travelpayouts.com — Cisco Umbrella Rank: 389388	102 KB
7	avsplow.com 1 redirects avsplow.com — Cisco Umbrella Rank: 195400 st.avsplow.com — Cisco Umbrella Rank: 278666	17 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	76 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 108	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 ssl.google-analytics.com — Cisco Umbrella Rank: 439	38 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 4103 r2---sn-pouxga5o-vu2s.gvt1.com	2 MB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	105 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	89 KB
2	tp.media tp.media — Cisco Umbrella Rank: 256749	111 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14080	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	611 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	19 KB
113	18

	Domain	Requested by
16	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.tourismcambodia.com pagead2.googlesyndication.com googleads.g.doubleclick.net cdnjs.cloudflare.com www.googletagservices.com tpc.googlesyndication.com
10	www.tourismcambodia.com	www.tourismcambodia.com
8	api.camboticket.com	cdnjs.cloudflare.com
7	www.travelpayouts.com	www.tourismcambodia.com www.travelpayouts.com
6	m.tourismcambodia.com	www.tourismcambodia.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	avsplow.com	1 redirects www.tourismcambodia.com st.avsplow.com
5	www.google.com	cse.google.com www.tourismcambodia.com tpc.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	www.facebook.com	1 redirects www.tourismcambodia.com connect.facebook.net
3	fonts.googleapis.com	client googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	connect.facebook.net	www.tourismcambodia.com connect.facebook.net
2	www.google-analytics.com	www.tourismcambodia.com cdnjs.cloudflare.com
2	cse.google.com	www.tourismcambodia.com www.google.com
2	tp.media	www.tourismcambodia.com tp.media
1	r2---sn-pouxga5o-vu2s.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	clients1.google.com	www.tourismcambodia.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	suggest.travelpayouts.com	cdnjs.cloudflare.com
1	travelpayouts.com	1 redirects
1	st.avsplow.com	tp.media
1	ssl.google-analytics.com	www.tourismcambodia.com
1	cdnjs.cloudflare.com	tp.media
1	widget.camboticket.com	www.tourismcambodia.com
1	pcontrol.tourismcambodia.com	www.tourismcambodia.com
113	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.travelpayouts.com
www.voyagethailande.fr
www.voyageindonesie.com
www.voyagecambodge.com
www.voyagesrilanka.fr
www.voyagebhoutan.com
www.voyagejapon.com
www.vivutravel.com
www.cambodia-visa.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-14` - `2024-03-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tp.media R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
travelpayouts.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
widget.camboticket.com Amazon RSA 2048 M02	`2023-04-26` - `2024-05-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-19` - `2023-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.camboticket.com Amazon RSA 2048 M02	`2023-04-26` - `2024-05-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
avsplow.com R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.tourismcambodia.com/
Frame ID: 34DC7FEF2559429A13D5DB54782A2C62
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: FFC7B686AAA9AA1E3278673FE2E2B9BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5129221542064326&output=html&adk=1812271804&adf=3025194257&lmt=1683973499&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498960&bpp=3&bdt=333&idt=360&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405
Frame ID: 49AEE596ADFB0E4564F3657B662614BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=280&slotname=2915802884&adk=1624935043&adf=873042520&pi=t.ma~as.2915802884&w=875&fwrn=4&fwrnh=100&lmt=1683973499&rafmt=1&format=875x280&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498963&bpp=2&bdt=336&idt=409&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j1mw1IY89v&p=https%3A//www.tourismcambodia.com&dtd=417
Frame ID: 2AF0E978BD2E15B94D08C58FE6FA631A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=600&slotname=9030630887&adk=1907338042&adf=2404123270&pi=t.ma~as.9030630887&w=300&lmt=1683973499&format=300x600&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498965&bpp=1&bdt=337&idt=438&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C875x280&nras=1&correlator=3440518284349&frm=20&pv=1&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VzzLaXQAi8&p=https%3A//www.tourismcambodia.com&dtd=441
Frame ID: 1602BB2C80F9D51F0329685C1EB7E055
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: DFCBDD64031460039260656A7CA655A5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D197239102370%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5bc5d5fbb22e4%2526domain%253Dwww.tourismcambodia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.tourismcambodia.com%25252Ff2fd8bc609d58a8%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTourism2Cambodia%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Frame ID: 2FB2EAD070FCDDA7F106E46961A392EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 74D063AEED77CCC03FD3D0E8853809DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04426AC9B50355F2574B5B34353FBA3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C43F0DBB6A732FE9FAB4A28F4945F73
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Official Site for Tourism of Cambodiasearch

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

113
Requests

96 %
HTTPS

86 %
IPv6

18
Domains

35
Subdomains

28
IPs

5
Countries

4575 kB
Transfer

10492 kB
Size

10
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Tourism2Cambodia/

Search URL Search Domain Scan URL

URL: https://twitter.com/tourismcam/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcFXM05QFSJGsQVAZZG0mLA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/travel2cambodia/

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=149110.poweredby&utm_source=powered_by&utm_medium=network&utm_campaign=84&utm_keyword=promo_2693

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=149110.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: http://www.voyagethailande.fr/
Title: Voyage en Thaïlande

Search URL Search Domain Scan URL

URL: http://www.voyageindonesie.com/
Title: Voyage en Indonésie

Search URL Search Domain Scan URL

URL: https://www.voyagecambodge.com/
Title: Voyage au Cambodge

Search URL Search Domain Scan URL

URL: http://www.voyagesrilanka.fr/
Title: Voyage au Sri Lanka

Search URL Search Domain Scan URL

URL: https://www.voyagebhoutan.com/
Title: Voyage au Bhoutan

Search URL Search Domain Scan URL

URL: https://www.voyagejapon.com/
Title: Voyage au Japon

Search URL Search Domain Scan URL

URL: https://www.vivutravel.com/vietnam-tours
Title: Private and Tailor Made Vietnam Tours

Search URL Search Domain Scan URL

URL: https://www.vivutravel.com/vietnam-tours/vietnam-family-tours
Title: Vietnam Family Tours

Search URL Search Domain Scan URL

URL: https://www.vivutravel.com/vietnam-tours/vietnam-classic-tours
Title: Vietnam Classic Tours

Search URL Search Domain Scan URL

URL: https://www.vivutravel.com/vietnam-tours/vietnam-and-cambodia-tours
Title: The Best Tours of Vietnam and Cambodia

Search URL Search Domain Scan URL

URL: https://www.cambodia-visa.com/
Title: Cambodia-visa.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Tourism2Cambodia

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22ea367a88f7bd0ff5bcf3be27daa2decc%22%2C%22trace_id%22%3A%22Zz842a8d42948646f4af1345e-149110%22%2C%22promo_id%22%3A%224237%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ea367a88f7bd0ff5bcf3be27daa2decc%22,%22trace_id%22:%22Zz842a8d42948646f4af1345e-149110%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 24

https://travelpayouts.com/powered_by/powered_by.js HTTP 301
https://www.travelpayouts.com/powered_by/powered_by.js

Request Chain 91

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx HTTP 301
https://tpc.googlesyndication.com/simgad/6750730227827852970

Request Chain 95

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqvyNRDYBBi6AjII8O31nyhzxYQ HTTP 301
https://tpc.googlesyndication.com/simgad/8065140342024867723

Request Chain 97

https://redirector.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=3B3A7DA8D4555123A71F41CD7FC0E7A2B38A468A.3C3301DC6AFA16A3824E1DB4983AD43A72BD2C6E&key=ck2 HTTP 302
https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0DD20B5FCCA79E885DAF9440FC6016B7AAEE32F8.27FDB8B54B482ACA096E124BE405F536294DA23E&key=cms1&cms_redirect=yes&mh=Bf&mip=2a00:1630:2:608::10&mm=28&mn=sn-pouxga5o-vu2s&ms=nvh&mt=1683972825&mv=u&mvi=2&pl=32

Request Chain 102

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=197239102370&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5bc5d5fbb22e4%26domain%3Dwww.tourismcambodia.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tourismcambodia.com%252Ff2fd8bc609d58a8%26relation%3Dparent.parent&container_width=263&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FTourism2Cambodia%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D197239102370%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5bc5d5fbb22e4%2526domain%253Dwww.tourismcambodia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.tourismcambodia.com%25252Ff2fd8bc609d58a8%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTourism2Cambodia%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue

113 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tourismcambodia.com/ 250 KB
70 KB 796ms
719ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271d8095bb5dc646ef702e39b24ff2c1bedaeeeeb437e36c939e7c365a1b0c3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c6a31da0e0d1af8-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 13 May 2023 10:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT4R4uBv70wT8ozg7UgQrSCKrfoROPX81yDP4tjdaQnWM3z5yCuOEv9hEQ6YWwa%2Fr6rDtmIeoLwEcdVNRK1j%2F7jNH%2BcumFYnB7qakqtEBfcqEb5f5BzX8ES%2BQLilb84ZRDHa0wYWN3edKbZG99hM6wGHKSLnqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 182ms
110ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

900d0fe4c45bb781a90b343af250ebbb042bb67a3849bdf336c23578ee00c2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47671
x-xss-protection: 0
server: cafe
etag: 9981562354861293637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 10:24:58 GMT

GET
H2 200 logo1-default.gif
www.tourismcambodia.com/assets/img/ 3 KB
3 KB 37ms
36ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/assets/img/logo1-default.gif
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78235a656b6598ebbcb710d298f58ce1a8404e66fb8c4c4a890e3a1c44d14d5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 01:43:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 413717
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeDwTHNr23kOJf342qcSmBasTovaHZvMle%2FhdZR8JroGPUSJxe5%2BYzBtNZEbdoa8uHlkOyxvAFdIlzh0rRCWUdWUrWJaS6uukXg8Ytytn0p2i%2FFgnYzzME1K6z1WzV2mMSloTx2A6X8EYgMgJ%2ButappB0GzFyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c6a31de9a731af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2654
expires: Wed, 07 Jun 2023 15:29:41 GMT

GET
H2 200 angkor1920x450-2022.jpg
pcontrol.tourismcambodia.com/cdn/tourismcambodia.com/img/banner/ 224 KB
225 KB 46ms
34ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pcontrol.tourismcambodia.com/cdn/tourismcambodia.com/img/banner/angkor1920x450-2022.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae463e87d0f8cfac45d05fbf8139f015ec3d8f68502defa5f29ea235922e1f53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 03:05:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 42
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd48roHVzFtDbhbWtEpMzluLnKyguXI%2BK3S55VBDsNyIPW4DHbWIwN37y5RgxStQ65PiYM5i3Nv21TEcujspdJfto7wbRIcb4Inwt%2BKYy9HCTbP6RY%2F%2BSIJv6Nfpr7d0yxSBmmOLOA0M3LQ%2Facb%2Bk23S5Mk%2F7k%2FP9Oow"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c6a31deaa841af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 229798
expires: Mon, 12 Jun 2023 10:24:16 GMT

GET
H2 200 content Show response
tp.media/ 77 KB
17 KB 135ms
61ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://tp.media/content?promo_id=2693&shmarker=149110&campaign_id=84&trs=27372&locale=en&hotel_type=&border_radius=5&plain=true&powered_by=false&default_direction=Phnom%20Penh%20Hotel
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: eaf32d8a0c354aa0e1591575ce6158bf2767bcbee0e028aeeddb5a7fd4ce4ac9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: private, max-age=0
timing-allow-origin: *
x-promo-id: 2693
x-robots-tag: noindex
x-request-id: 07fed8266984a56fccb026027122b3f3

GET
H2 200 ea367a88f7bd0ff5bcf3be27daa2decc.js Show response
www.travelpayouts.com/widgets/ 7 KB
2 KB 148ms
60ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/ea367a88f7bd0ff5bcf3be27daa2decc.js?v=1483
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b3f553bab667cd9c443e16944e253b1fa87626000fdd4a5a5249901d1a1ce117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
x-robots-tag: noindex
timing-allow-origin: *
link: </mewtwo/styles.css?v=1483>; rel=preload; as=style, </widgets_static/ea367a88f7bd0ff5bcf3be27daa2decc.js?v=1483>; rel=preload; as=script
x-promo-id: 4237
x-request-id: 2ea5c4443b70387376509ebb7fcb7e8e

GET
H2 200 ads_visit_angkor_244.jpg
www.tourismcambodia.com/img/ads/ 18 KB
19 KB 488ms
487ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/img/ads/ads_visit_angkor_244.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19dfebf0380de62e0055dd36883ae51711b4a8d37c6b83a9b011bb4e1c136a3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 06:07:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwEJc8ClkxKM%2B9GJBNz4GZv89XYp3%2B5jCPsF3meNSVj9Z6oxzqHuFl%2BNJZFX7EOP%2FxA%2Fa4sJTAhfQ7a2Nd50inuR%2Fruxa%2Fchn2ZIm42Y6Lj2SCT73ncv%2FpC%2F1EhN%2Bo7S2qpavHFCroLpu%2Bat8YU4wa3oBMftXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31de9a741af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18718
expires: Sun, 12 May 2024 10:24:58 GMT

GET
H2 200 ads_cambodia_day_tour.jpeg
www.tourismcambodia.com/img/ads/ 15 KB
16 KB 480ms
480ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/img/ads/ads_cambodia_day_tour.jpeg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213d62a55f2c027b54452be9fa8c74db7d83491739207f627b68e7a11a994d0b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Mar 2021 06:07:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hily0zkh7JNrx%2BzPRpimlkRYyfXFNLn2ns966obuMy83Qfa6JKVN8hmL3o%2F3fp32rFfogENhbSeclJaXnS7d5qZePwTav9zYasDtMNY7xiXg3ShIDz8HMT4NXbomWCMbKIgZqZb32NB7crKifr%2F6fvUQR94QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31de9a751af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15480
expires: Sun, 12 May 2024 10:24:58 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 239ms
91ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-7664349929917900:9575358531

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

7096bc4b0175537a80f7edf9f573898f610729d295028833119595babe1a2394

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-EuYxmmHzHAg_v_k5eYRpUA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-EuYxmmHzHAg_v_k5eYRpUA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sat, 13 May 2023 10:24:58 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3005
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sat, 13 May 2023 10:24:58 GMT

GET
H2 200 widget.js Show response
widget.camboticket.com/ 1 MB
256 KB 151ms
38ms Script
application/javascript 13.32.121.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.camboticket.com/widget.js
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd95a582dbbf8c3a07bd56f1fc49b0d3733ff96a07856fc4ae1a6817f158786

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 07:44:21 GMT
content-encoding: gzip
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
last-modified: Wed, 02 Jan 2019 04:18:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 9637
etag: W/"0c839d4c1653aeffbd52a4db904b56c1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Gab6o1XlA8pbgTaMx_8BLsSAhMvlHDzr8sib_nZ_8XKRTdER_uBJWA==

GET
H3 200 lazyloader.gif
www.tourismcambodia.com/img/system/ 14 KB
15 KB 32ms
32ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/img/system/lazyloader.gif
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd03cc850f6f038006794970052c7e68a248f01746dbf097781deb46683f6412

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 06:16:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587020
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P65NZ4tfpG%2F33BNMQ73tqekT0rFy%2BaCuU4tAbIQSULtJdXPHgOL%2BT8F5XdzEKY06I%2FoNjX4RUHVyFCVflkpwmyrLjHI39ewDDT60gI8xxfgWJZqeF%2BOgcghJG0s%2BRA3nk6OTVNClthlVWMofa4%2FIMx0aAc64iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31decf5606d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14693
expires: Sun, 05 May 2024 15:21:18 GMT

GET
H3 200 54df2d9e680994832f083ccd6e6ba1d5.js Show response
www.tourismcambodia.com/assets/ 217 KB
60 KB 39ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourismcambodia.com/assets/54df2d9e680994832f083ccd6e6ba1d5.js
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b788b89e44c3dfbef77b5fe8087b5a2e3a303e81968d9049406e8ba89b4c94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45513
cf-polished: origSize=222158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Mar 2021 01:42:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Zp6zJksUvPs52Wqwm3PGNET2WiV1b56udtDVQzMIQKHUGwARKF0wwnvky77xNrKMExtJ6Ap8ONo3j3dkc6YlRc3XPKRPvT329F0gQAafSJKc9AIVrDxYygOByxXxehNLOXNkyePWkE4mnKofsVhjF1f38Kyeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c6a31df3fdc06d4-AMS
expires: Sat, 11 May 2024 21:46:25 GMT

GET
H2 200 common.140b7eeffe6ebde0c3aa.js Show response
tp.media/cascoon/ 432 KB
94 KB 52ms
52ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://tp.media/cascoon/common.140b7eeffe6ebde0c3aa.js
Requested by: Host: tp.media
URL: https://tp.media/content?promo_id=2693&shmarker=149110&campaign_id=84&trs=27372&locale=en&hotel_type=&border_radius=5&plain=true&powered_by=false&default_direction=Phnom%20Penh%20Hotel
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d4ac3932b81b5dd2533e78feb3adc37d5e51f943387b36741cf56b6ddf4b13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
last-modified: Wed, 03 May 2023 07:51:56 GMT
server: nginx
etag: W/"6452129c-6c1f7"
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 89ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: tp.media
URL: https://tp.media/content?promo_id=2693&shmarker=149110&campaign_id=84&trs=27372&locale=en&hotel_type=&border_radius=5&plain=true&powered_by=false&default_direction=Phnom%20Penh%20Hotel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tourismcambodia.com/
Origin: https://www.tourismcambodia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 749627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY6PK8h4QJNDah%2FXvNS0TqFX1Hz5iAVawKGSsRU73GqhlO3bn4fGutVb1wdiHGbhfSJuitBxcH%2BPn7QDpbtWcsH21Z1uRur2ulYsC%2Ffu3aq6Dqp4Nsn1T6AyZRpdp4kIHQN0XsXMFTciqjj0%2BdKin%2BRy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c6a31dfda7b0a55-AMS
expires: Thu, 02 May 2024 10:24:58 GMT

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 167 KB
12 KB 51ms
50ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=1483
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 5627529e11b9dc9abd9754a8011415cb5244d37c15cecfafc2c05ba533c1340e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
last-modified: Mon, 05 Dec 2022 13:46:53 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 11680

GET
H2 200 ea367a88f7bd0ff5bcf3be27daa2decc.js Show response
www.travelpayouts.com/widgets_static/ 317 KB
57 KB 113ms
113ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/ea367a88f7bd0ff5bcf3be27daa2decc.js?v=1483
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a5873ee5e910cbb96514f1411c8754837ad6597ab7dad44e6a2614e3846e6a14

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
timing-allow-origin: *
x-promo-id: 0
x-robots-tag: noindex
x-request-id: d914f798e506aad43cf6e2393c34040b

GET
H3 200 ad52a02ca48bddb2da086dfd550253d9.css
www.tourismcambodia.com/assets/css/combined/ 230 KB
38 KB 36ms
36ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourismcambodia.com/assets/css/combined/ad52a02ca48bddb2da086dfd550253d9.css
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebc81f081b511c6bcf50a70d7ea6eb45007a2d5415109bae5d133485f6a1d16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45513
cf-polished: origSize=236708
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 03 Mar 2021 01:44:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9k4Y%2FBrtulkNmdDchrKYu30%2FVucmTU%2F4KSpKlnugewcfYhwwcAnHPOMHfPRWRFk7AfovCuh5PQKgfdcVW7DV7TqK2WZSMk0dISCYb%2F6b87d9wFGuI9SlsZAPanQYqEAe%2FzsqzLch7PRzr4Q5tZwyc%2Ft6ChZfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7c6a31dfb86506d4-AMS
expires: Sun, 11 Jun 2023 21:46:25 GMT

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ea367a88f7bd0ff5bcf3be27daa2decc%22,%22trace_...

43 B
388 B

36ms
36ms

Image
image/gif

188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ea367a88f7bd0ff5bcf3be27daa2decc%22,%22trace_id%22:%22Zz842a8d42948646f4af1345e-149110%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

Redirect headers

date: Sat, 13 May 2023 10:24:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22ea367a88f7bd0ff5bcf3be27daa2decc%22,%22trace_id%22:%22Zz842a8d42948646f4af1345e-149110%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 134ms
59ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 08:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6559
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 10:35:39 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 207ms
60ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 10:10:26 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 13 May 2023 12:10:26 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 100ms
33ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed9606008d3b30e48f1dcbde8fcfdcb1f86d9a313f241969cf48239d4ddff0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 10:24:58 GMT
content-md5: fwnKJQCfP2hmZGnoMzQWew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: M12p+owOLfp1LsRgnsX+v2xIDNLIRmqjkuwe7nCAqW4o04gri+cnPIxiVvwL9qghhQCZi3jueW+zkKMSsbZS/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 0f70852d1bd234ed399eaff104f77a2f
cross-origin-opener-policy: same-origin-allow-popups
etag: "2f9a092349d342b9547ddbb3fc4a13fa"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), bluetooth=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 13 May 2023 10:36:32 GMT

GET
H3 200 map-img.png
www.tourismcambodia.com/assets/img/ 16 KB
17 KB 32ms
31ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/assets/img/map-img.png
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/assets/css/combined/ad52a02ca48bddb2da086dfd550253d9.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da5c06806fa44353eab0aa8ce686966e0cdab3a81092a50019226dbfb34812c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/assets/css/combined/ad52a02ca48bddb2da086dfd550253d9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 01:43:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 522610
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOOwPgGlHdrbzYcXz8SJ7Pf708V%2FpT2nf3XqlqBTrLIXZce%2BnQygk6I5tbbuv8QOcM1PK9H7ePL7p%2Bi5uFkEih23UmqV86OgSYkfc3R4Wswhj7e8FkvaBDQSQNFeYeB33DZKK9V9GS0ukiAYSUmaQnhwZxtiiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c6a31e018cc06d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16509
expires: Tue, 06 Jun 2023 09:14:48 GMT

GET
H3 200 fontawesome-webfont.woff2
www.tourismcambodia.com/assets/css/fonts/ 65 KB
66 KB 33ms
32ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tourismcambodia.com/assets/css/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/assets/css/combined/ad52a02ca48bddb2da086dfd550253d9.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://www.tourismcambodia.com/assets/css/combined/ad52a02ca48bddb2da086dfd550253d9.css
Origin: https://www.tourismcambodia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 01:44:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587020
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbA%2FzwHMQ%2BLtAFqSDQmOJnz%2Fc0sbP%2BF26q8IVR4yafOmm6PkqDyAK65%2FU0plomWYiPjhu5%2FZ6zzpbsOV2tQrLdNAFyfYC%2BelHwF%2Frqi27iF2co68DtcgemN0LOTDyUK%2BUTkyI4p2j9LRjHDTwaNevvwa0iE%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7c6a31e018ce06d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66624
expires: Mon, 05 Jun 2023 15:21:18 GMT

GET
H3 200 300_visainfo.jpg
www.tourismcambodia.com/img/ads/ 16 KB
16 KB 33ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tourismcambodia.com/img/ads/300_visainfo.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f758e6b674531cc073db8e5327ac4350e9487e6b5194554eb6c7098be663bc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:58 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 06:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3164
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaiSukXNygpRsLLE57SqD2kuPXjAsUl6Cr%2FlhcZ6Mqd0hPALP5EVM9G4CYHkC9otwLIWDh0IPIIr4KeR2rZKoM8PK7GY4GUphAiYHE1YPi2%2BPdkQyrPBxp5g%2Be0ekLeaDGxxWg78CLFcUYbUrJ%2Fvb%2F8u0wsvcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31e0593106d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16099
expires: Sun, 12 May 2024 09:32:14 GMT

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.12/ 41 KB
14 KB 117ms
39ms Script
application/x-javascript 2606:4700:20::681a:677
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.12/sp.js
Requested by: Host: tp.media
URL: https://tp.media/cascoon/common.140b7eeffe6ebde0c3aa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c266b32e3008dfd1061e143c92be4bb7e6e293a80005e23c7289f932001b2bff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4506812
cf-polished: origSize=42670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 20 Mar 2023 11:06:37 GMT
server: cloudflare
etag: W/"19ae50cc8f44735f712dc77bd3c22064"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnJXQik6CJsHjLVnVFRDQPyGYtIW5TDC%2FZvInjUAdy3X5IUW2Fzw0rcpz1nW%2Fy47Uo6jjmrO6esQT2rTHTFyXbKm%2Fg2e8iLzbfxIwEiMHESfeRAR99ynZZb581ADbp0TNxe6GpR0%2BY6nplJK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 7c6a31e0ffff0c35-AMS

GET
H2

200

powered_by.js Show response
www.travelpayouts.com/powered_by/
Redirect Chain

https://travelpayouts.com/powered_by/powered_by.js
https://www.travelpayouts.com/powered_by/powered_by.js

41 KB
15 KB

38ms
38ms

Script
application/javascript

172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/powered_by/powered_by.js
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: dbbd02956897dd3950c78c8af1836d1bfae3697501d58081ce98e21a1d911818

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2023 09:16:08 GMT
server: nginx
etag: W/"644f8358-a4d1"
content-type: application/javascript; charset=utf-8

Redirect headers

location: https://www.travelpayouts.com/powered_by/powered_by.js
date: Sat, 13 May 2023 10:24:59 GMT
server: nginx
content-length: 178
content-type: text/html

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/ 357 KB
120 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5129221542064326&plah=www.tourismcambodia.com&bust=31074512

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

321ef3775409fa7efe822521067848af08a4e90c813dba82c78c162cbc8b42a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122864
x-xss-protection: 0
server: cafe
etag: 17610187328299417673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 10:24:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame FFC7 10 KB
5 KB 135ms
60ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 21256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 04:30:43 GMT
etag: 15057649708203361565
expires: Sat, 27 May 2023 04:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/8e77c7877b8339e2/ 308 KB
308 KB 141ms
68ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7664349929917900:9575358531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:43:12 GMT
x-content-type-options: nosniff
age: 60107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314934
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 11 May 2024 17:43:12 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/8e77c7877b8339e2/ 41 KB
9 KB 133ms
61ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7664349929917900:9575358531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 17:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 11 May 2024 17:43:12 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 139ms
67ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-7664349929917900:9575358531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:23:12 GMT
x-content-type-options: nosniff
age: 107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 13 May 2023 11:13:12 GMT

OPTIONS
H2 204 operators
api.camboticket.com/ Frame 0
0 879ms
738ms Preflight 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/operators?country_code_exclude=in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: camboticket-env,x-api-key,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.tourismcambodia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: camboticket-env,x-api-key,x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Sat, 13 May 2023 10:24:59 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-apigw-id: E2zLZEZ4SQ0FqMQ=
x-amz-cf-id: TN8TNgXaNDWWyE3HcCTg71ilwoMP_2gxVmWKkFXKQE0SGWcoJkL5oA==
x-amz-cf-pop: FRA2-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Sat, 13 May 2023 10:24:59 GMT
x-amzn-remapped-server: nginx
x-amzn-requestid: 0aedd667-97f6-4c94-85cd-7b95d5aff72a
x-cache: Miss from cloudfront

OPTIONS
H2 204 pairs
api.camboticket.com/locations/ Frame 0
0 853ms
712ms Preflight 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/locations/pairs?hide_offline_operators=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: camboticket-env,x-api-key,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.tourismcambodia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: camboticket-env,x-api-key,x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Sat, 13 May 2023 10:24:59 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-apigw-id: E2zLZFnASQ0FStg=
x-amz-cf-id: 9M7RIuVc1LbhP2N-oQObniDZbfs4NsLJj0zkkV983MYyayhe7E2s8g==
x-amz-cf-pop: FRA2-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Sat, 13 May 2023 10:24:59 GMT
x-amzn-remapped-server: nginx
x-amzn-requestid: 7f06a063-1aef-416f-af5f-4d0a69b5fd1d
x-cache: Miss from cloudfront

OPTIONS
H2 204 operators
api.camboticket.com/ Frame 0
0 880ms
739ms Preflight 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/operators?country_code_exclude=in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: camboticket-env,x-api-key,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.tourismcambodia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: camboticket-env,x-api-key,x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Sat, 13 May 2023 10:24:59 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-apigw-id: E2zLZFkVSQ0FW4A=
x-amz-cf-id: CrTFFYltVqcMI_CAFineGAIjWUF4-Hu_DOt5E1WO6QP5qtccxXmrtg==
x-amz-cf-pop: FRA2-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Sat, 13 May 2023 10:24:59 GMT
x-amzn-remapped-server: nginx
x-amzn-requestid: b73da0a3-dc4a-4ffb-9902-9da6ccc188d7
x-cache: Miss from cloudfront

OPTIONS
H2 204 pairs
api.camboticket.com/locations/ Frame 0
0 955ms
813ms Preflight 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/locations/pairs?hide_offline_operators=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: camboticket-env,x-api-key,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.tourismcambodia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: camboticket-env,x-api-key,x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Sat, 13 May 2023 10:24:59 GMT
vary: Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-apigw-id: E2zLZHlTyQ0FdJw=
x-amz-cf-id: TqHg7Ou1VcKFqVMUZtFKmr32sQW3PygY9t2BoS7QPw5uM5o8sWdghA==
x-amz-cf-pop: FRA2-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Sat, 13 May 2023 10:24:59 GMT
x-amzn-remapped-server: nginx
x-amzn-requestid: 6879a712-18e0-482b-8903-127ef10574a8
x-cache: Miss from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 143ms
69ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600|Tillitum+Web|Roboto|Material+Icons

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27011a6696ebdc77b7ebebb8d56c0a9db78e9fb52f55264cd37f38868e3a5466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 10:24:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 10:24:59 GMT

GET
H2 200 operators Show response
api.camboticket.com/ 480 KB
34 KB 829ms
829ms XHR
application/json 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/operators?country_code_exclude=in
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash: 6cb7968c64c47bd53d617dc2de0be3a6dee258030b849634219da50315fe7445

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tourismcambodia.com/
X-Requested-With: camboticket
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
x-api-key: vXUI2dQyP7TfD2ZW225B8uYuDsezpHT93le3kgaa
camboticket-env: production

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amzn-remapped-server: nginx
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 56f8808f-e388-4f28-9f23-80ba9c110338
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: E2zLgELESQ0Frrg=
content-length: 33918
x-ratelimit-remaining: 102
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 120
x-amzn-remapped-date: Sat, 13 May 2023 10:25:00 GMT
x-amz-cf-id: tK1BxeYBT08ciEv7dXDvwf3FGHA3ampYZRwmlpeo-vz0tFTnKBVI7w==

GET
H2 200 pairs Show response
api.camboticket.com/locations/ 612 KB
42 KB 826ms
826ms XHR
application/json 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/locations/pairs?hide_offline_operators=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash: 5fcbe75fb7c90b2533caebd4b761453a36fd4546bd56fffe65999e897945f5d5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tourismcambodia.com/
X-Requested-With: camboticket
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
x-api-key: vXUI2dQyP7TfD2ZW225B8uYuDsezpHT93le3kgaa
camboticket-env: production

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amzn-remapped-server: nginx
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 19aa6b6b-e885-4fd0-96c2-9e7af5b59903
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: E2zLgHetSQ0Fcig=
content-length: 42169
x-ratelimit-remaining: 107
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 120
x-amzn-remapped-date: Sat, 13 May 2023 10:25:00 GMT
x-amz-cf-id: _EqB2S09PIb8VfIWgGkfS22I_TI7AY77wxH42CatsUNFI0-CCHjfdg==

GET
H2 200 operators Show response
api.camboticket.com/ 480 KB
34 KB 805ms
804ms XHR
application/json 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/operators?country_code_exclude=in
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash: 6cb7968c64c47bd53d617dc2de0be3a6dee258030b849634219da50315fe7445

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tourismcambodia.com/
X-Requested-With: camboticket
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
x-api-key: vXUI2dQyP7TfD2ZW225B8uYuDsezpHT93le3kgaa
camboticket-env: production

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amzn-remapped-server: nginx
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b950e01e-9142-4391-a551-2090bf4e7131
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: E2zLgG1CSQ0FpWg=
content-length: 33918
x-ratelimit-remaining: 107
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 120
x-amzn-remapped-date: Sat, 13 May 2023 10:25:00 GMT
x-amz-cf-id: HFN6NTbeXKJ8c3p4DWcReQ34sqUvtdzTWNetf5TDfi8Gum157IBwHw==

GET
H2 200 pairs Show response
api.camboticket.com/locations/ 612 KB
42 KB 816ms
815ms XHR
application/json 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.camboticket.com/locations/pairs?hide_offline_operators=0
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: /
Resource Hash: 5fcbe75fb7c90b2533caebd4b761453a36fd4546bd56fffe65999e897945f5d5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.tourismcambodia.com/
X-Requested-With: camboticket
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
x-api-key: vXUI2dQyP7TfD2ZW225B8uYuDsezpHT93le3kgaa
camboticket-env: production

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amzn-remapped-server: nginx
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 28ff48f2-063c-4e80-b687-1c0daf387d6a
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: E2zLhEBaSQ0FnFQ=
content-length: 42169
x-ratelimit-remaining: 102
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 120
x-amzn-remapped-date: Sat, 13 May 2023 10:25:00 GMT
x-amz-cf-id: SZQQgsGO6uPnGjDaYGry6rKAWUP4btroaBzmleXeer3pa3P7fPWhqA==

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 167 KB
12 KB 72ms
72ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/ea367a88f7bd0ff5bcf3be27daa2decc.js?v=1483
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 5627529e11b9dc9abd9754a8011415cb5244d37c15cecfafc2c05ba533c1340e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: br
last-modified: Mon, 05 Dec 2022 13:46:51 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 11680

GET
H2 200 whereami Show response
www.travelpayouts.com/ 133 B
264 B 29ms
29ms Script
application/x-javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=en_us&callback=mewtwoForms.geoIPSetter.lang_en_us
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/ea367a88f7bd0ff5bcf3be27daa2decc.js?v=1483
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 583f5bc51bd645a3bf75b24bd9d8a98be7fcfaec965b1a7693e09ae0c937c2d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: br
server: nginx
x-request-id: 321920ecbf0da240702bb1c53ceb5ebd
content-type: application/x-javascript; charset=utf-8

GET
H2 200 tp.png
www.travelpayouts.com/powered_by/img/ 4 KB
4 KB 51ms
50ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/tp.png
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
last-modified: Mon, 01 May 2023 09:16:04 GMT
server: nginx
accept-ranges: bytes
etag: "644f8354-e00"
content-length: 3584
content-type: image/png

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 71ms
37ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=30aa7ff2c1563389c410caf09b77b534

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ce1daf49af2dfb4ad890901aa7ca0ac5a453fa15775327467f2be02f64f31df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.tourismcambodia.com/
Origin: https://www.tourismcambodia.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 10:24:59 GMT
content-md5: 7EX4VfruiLS4YDXb7odvlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88621
x-fb-rlafr: 0
x-fb-debug: Puete/r3LrOlvYLVPOA5LDnM9R1NRbMWgqI2CNXcWLuL7U8ySCkdDUZw9wLrJ46DdlAhQm1qrVLjdQzcqMh37Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d3f4f11fa949e8898c877f588215b011
cross-origin-opener-policy: same-origin-allow-popups
etag: "d35c58242935f1b1d78bcef1749b8ca1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 May 2024 06:57:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 67ms
66ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1264480997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tourismcambodia.com%2F&ul=en-us&de=UTF-8&dt=The%20Official%20Site%20for%20Tourism%20of%20Cambodia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1021667001&gjid=412757470&cid=278920910.1683973499&tid=UA-20133652-1&_gid=694434653.1683973499&_r=1&_slc=1&z=39198183

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tourismcambodia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:24:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tourismcambodia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search_terms_forward Show response
suggest.travelpayouts.com/uaca/v1/ 844 B
522 B 116ms
53ms Fetch
application/json 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.travelpayouts.com/uaca/v1/search_terms_forward?term=Phnom%20Penh%20Hotel&locale=en&service=bookingcom
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 43a70ae3c56559e35c1d3869bede11f1eb865e7b4c04e053e976bf7076b10803

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-ttl: 0
date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
server: nginx
x-krakend: Version undefined
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-krakend-completed: false
x-robots-tag: noindex
content-length: 256
x-cached: 1
x-request-id: fbf0ea53a48ff778e3c9ba0e3964dd75

GET
H2 200 360-230_royal_palace.jpg
m.tourismcambodia.com/img/thumbnails/ 49 KB
49 KB 754ms
736ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_royal_palace.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d8e96f85f2e0c212044d70f12698d9f131af600a72bc0acd9cd4e192ca409fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 07:57:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abR0ECvdw8EbC2FPH%2BgcPAEUzusnfBae1J3sNELk6lw7nG6%2BA2V7eMyn78AbrpH%2F6MWfOAj%2BcC3Az7akSRMNAiRndIldB2HSXrdreP3tOKsN9jguTnGuMU8%2FiRSy1exifx5MlwxgSpa1Ryxn5iJDEvSmwxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31e2bdf91af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49984
expires: Sun, 12 May 2024 10:24:59 GMT

GET
H2 200 360-230_yeaklom.jpg
m.tourismcambodia.com/img/thumbnails/ 55 KB
55 KB 749ms
731ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_yeaklom.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d34d4bf6e5a63ae3631197d90e93d6dc39056d93047db12b64918b83ffd9f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 08:15:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGrDBt%2F%2FXD8kwRCiduiR1yPZSjjs7EPz%2Be0baEOu9EtszV0aloQFYtSjGmYteqxBV2Fn7LNmJo4ba1PcMSPQseb74zxe1LwUp4ka3WpppqlA1ysVG5rTJUbvPVRQQLl01%2Bl8hISFVcFO6WbvhHqtB5c7N4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31e2bdf81af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56190
expires: Sun, 12 May 2024 10:24:59 GMT

GET
H2 200 360-230_battambang.jpg
m.tourismcambodia.com/img/thumbnails/ 38 KB
39 KB 742ms
724ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_battambang.jpg
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61897273475291f0abda176fe95ee40aec14f20b36401cdc30995d21b7e37459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
cf-cache-status: MISS
last-modified: Thu, 05 May 2022 08:34:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpxbAmzvujif%2BH77BZeID%2FDqlG%2F3Q%2ByIfS0Szp3ZBY%2F8XWwRHXW4lhkhXlOXzKdF5%2FHGLI8DCkE9dZqrRJhFwEFrbUCg6gpMw4MX5qrJc%2Fn0Zrbxj2%2F1TlR9Mt69BgLi%2F%2Frxr34NckgdUI%2F8B%2BYgqMoJXug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31e2bdf71af8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39251
expires: Sun, 12 May 2024 10:24:59 GMT

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 68ms
67ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.12/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.tourismcambodia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tourismcambodia.com
date: Sat, 13 May 2023 10:24:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 69ms
69ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.12/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.tourismcambodia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tourismcambodia.com
date: Sat, 13 May 2023 10:24:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
611 B 208ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.tourismcambodia.com&callback=_gfp_s_&client=ca-pub-5129221542064326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5129221542064326&plah=www.tourismcambodia.com&bust=31074512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

897a19816a1ac616fd039bdfa135b3a1023a566f0ba31df4970a3a84edfb93dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 140ms
69ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.tourismcambodia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 146ms
71ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tourismcambodia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 95ms
94ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=topcontrol&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:24:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:24:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49AE 0
188 B 311ms
310ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5129221542064326&output=html&adk=1812271804&adf=3025194257&lmt=1683973499&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498960&bpp=3&bdt=333&idt=360&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=405

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 10:24:59 GMT
expires: Sat, 13 May 2023 10:24:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AF0 102 KB
35 KB 901ms
900ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=280&slotname=2915802884&adk=1624935043&adf=873042520&pi=t.ma~as.2915802884&w=875&fwrn=4&fwrnh=100&lmt=1683973499&rafmt=1&format=875x280&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498963&bpp=2&bdt=336&idt=409&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j1mw1IY89v&p=https%3A//www.tourismcambodia.com&dtd=417

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63142a5ef8d7dea4b337b4dd18727fa094f66e84afe28d0f36e0a44741b349c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35201
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 10:25:00 GMT
expires: Sat, 13 May 2023 10:25:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 71ms
70ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.12/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.tourismcambodia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tourismcambodia.com
date: Sat, 13 May 2023 10:24:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1602 128 KB
37 KB 1124ms
1123ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=600&slotname=9030630887&adk=1907338042&adf=2404123270&pi=t.ma~as.9030630887&w=300&lmt=1683973499&format=300x600&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498965&bpp=1&bdt=337&idt=438&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C875x280&nras=1&correlator=3440518284349&frm=20&pv=1&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VzzLaXQAi8&p=https%3A//www.tourismcambodia.com&dtd=441

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3606a801fc04694654a22277878ad15c8dc2f1a1a867d66945ddb19c53d1ce34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 10:25:00 GMT
expires: Sat, 13 May 2023 10:25:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 230ms
230ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7206891201335125315"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sat, 13 May 2023 10:24:59 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 60ms
59ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:56:11 GMT
x-content-type-options: nosniff
age: 559728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 05 May 2024 22:56:11 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 222ms
59ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:24:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 103ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=197239102370&ev=fb_page_view&dl=https%3A%2F%2Fwww.tourismcambodia.com%2F&rl=&if=false&ts=1683973499442&sw=1600&sh=1200&at=

Requested by

Host: www.tourismcambodia.com
URL: https://www.tourismcambodia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 May 2023 10:24:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 68ms
68ms Ping
text/plain 188.42.198.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.12/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.tourismcambodia.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.tourismcambodia.com
date: Sat, 13 May 2023 10:24:59 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 css
fonts.googleapis.com/ Frame 2AF0 9 KB
1 KB 70ms
69ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=280&slotname=2915802884&adk=1624935043&adf=873042520&pi=t.ma~as.2915802884&w=875&fwrn=4&fwrnh=100&lmt=1683973499&rafmt=1&format=875x280&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498963&bpp=2&bdt=336&idt=409&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j1mw1IY89v&p=https%3A//www.tourismcambodia.com&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 08:37:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 10:25:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2AF0 2 KB
846 B 142ms
70ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 20:51:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2AF0 0
0 106ms
105ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6TjAe2VfZPX6GZfG1fAP0r6SyAvT7Y3FcOWzv967EZqBhJmPDhABIP2--QxgkYSghYwYoAG_y-aFAsgBCagDAcgDywSqBIcCT9CRYGWzccikzHVqkShEtxsa8MZJ_rW5d4EIKsmtif7Xd2-bvr30-SqwF6sMEUc27ySZ5RJ8Cmfqi7LuxRmAYVpSfQ7nktYdRaLzkdCgWEI0j-f35SAoanrUoRYiWuBQ6_kU7V2QrVFL_zue0LovjMgGYW8YvQZZHqo3QEuKBvBASRL7qPZ-yUHnhuI9amTEWD2wZi3DhRE0fZNRWwD8TOfiB2aRa0_3eAtFKyjT7WTiKU3XTkDsCNOgzXMAJTD_539iFoPxOe7t2ZgFWBNIzzUaGlX4eCAjN_M4HXo6kqh7HxdQKl7w2hK4AwH4q_BpCqXYpQfST6H1A9jYPabdiN-MDqYnbYnABKeDr5u2BJIFBAgEGAGSBQQIBRgEoAYugAesvNeDAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENaEAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzY2NDM0OTkyOTkxNzkwMBgA&sigh=YU0YoQ1x9c4&uach_m=[UACH]&cid=CAQSGwBygQiDcxiOw4qXNBfyrL5D0CskMV87Kf2QBBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=280&slotname=2915802884&adk=1624935043&adf=873042520&pi=t.ma~as.2915802884&w=875&fwrn=4&fwrnh=100&lmt=1683973499&rafmt=1&format=875x280&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498963&bpp=2&bdt=336&idt=409&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3440518284349&frm=20&pv=2&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=878&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=j1mw1IY89v&p=https%3A//www.tourismcambodia.com&dtd=417
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 10:25:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 13 May 2023 10:25:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7812344236549286317/ Frame 2AF0 47 KB
47 KB 156ms
89ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7812344236549286317/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af94bc8c9ac7a167acd6164ea33d47f376ddda0328a39fb83a0a82bdc0b5afb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 19:03:01 GMT
x-content-type-options: nosniff
age: 573719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47855
x-xss-protection: 0
last-modified: Fri, 23 Dec 2022 07:53:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 19:03:01 GMT

GET
DATA 200
OK truncated
/ Frame 2AF0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2AF0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 2AF0 22 KB
9 KB 101ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2AF0 3 KB
1 KB 109ms
68ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 09:21:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2AF0 19 KB
8 KB 103ms
63ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AF0 169 KB
53 KB 205ms
76ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 10:25:00 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 2AF0 32 KB
14 KB 133ms
61ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:47:03 GMT

GET
DATA 200
OK truncated
/ Frame 2AF0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d382b1bc51e7978eadfe7ae08ad5156c3eb7a720c956487d2e4913611a0c45d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 25c1ebd307027cb6cde802b753523349.js Show response
www.gstatic.com/mysidia/ Frame 1602 8 KB
4 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/25c1ebd307027cb6cde802b753523349.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=600&slotname=9030630887&adk=1907338042&adf=2404123270&pi=t.ma~as.9030630887&w=300&lmt=1683973499&format=300x600&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498965&bpp=1&bdt=337&idt=438&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C875x280&nras=1&correlator=3440518284349&frm=20&pv=1&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VzzLaXQAi8&p=https%3A//www.tourismcambodia.com&dtd=441

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3684
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:47:42 GMT

GET
H2 200 98bc4c9a638189871f190dea2feda919.js Show response
www.gstatic.com/mysidia/ Frame 1602 148 KB
55 KB 68ms
65ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/98bc4c9a638189871f190dea2feda919.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

076a05d5a001442fc2dd88ae7a248bdd932d84fe6ab08ca41e4261104ebbde16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 21:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55747
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 21:55:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1602 5 KB
853 B 73ms
71ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 10:09:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 10:25:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 1602 2 KB
799 B 65ms
63ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 20:51:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 1602 22 KB
9 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 1602 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 May 2023 09:21:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 1602 19 KB
8 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 May 2023 18:05:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1602 169 KB
52 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 May 2023 10:25:00 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 1602 32 KB
13 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 20:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 20:47:03 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1602 30 KB
30 KB 98ms
60ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTelJMN545dXLSRE2gVT66V9r36E304Z-Gw0a1_Dsv1IY1y4DjTJ8zBMRKZCA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94880f3d414008c06bce44eb53973e7fbb77bf9becc1a814df58a51189d0a880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:42:23 GMT
x-content-type-options: nosniff
age: 171757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30768
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 07:16:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 10 May 2024 10:42:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1602 22 KB
23 KB 149ms
60ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTT1tl_bA5mjzj5uT78VkjROs6LOKXegcR-ZkA_S584fFRLbJ5_NvJftet4Qz8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac634de651a00d35ca7df1c8d269e8d7d2dd31342483c0c6caa6f44e7c56cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:42:18 GMT
x-content-type-options: nosniff
age: 556962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22949
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 03:16:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 May 2024 23:42:18 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1602 10 KB
10 KB 205ms
60ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTmE9AOb8NUvxACEX-hI4ks3xF_oifdCOBjWjofvICN_5r3QeahOBDsmjRlOGY&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2691145380a6cc155640179b03e7294f88d38d9b6b89a1d4ba92cd940d643a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 19:31:14 GMT
x-content-type-options: nosniff
age: 312826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9773
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 14:28:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 08 May 2024 19:31:14 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1602 25 KB
25 KB 161ms
124ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRDw8ZD0ILo5WbeH3uDCDqys-Ge_RPS5o3nqDJkEOqCbe75D7xBUMJhDyUWvps&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

455fcb0db43f893962b7db5c59c718670eb82247c1ddaf95b8a94485448b68fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 14:23:11 GMT
x-content-type-options: nosniff
age: 72109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25240
x-xss-protection: 0
last-modified: Wed, 26 Aug 2020 20:38:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 11 May 2024 14:23:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1602 17 KB
18 KB 205ms
117ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRm_FVpjk4CZagHqG5hbJ0y1ptVOc_aOCKydZ6nJKFnlE58C7Zd5SbYydKxsQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e26174b3a4a64a517d9206c427bb0ecf51a07d67391a4c58ad8d41fb20bc572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 19:21:30 GMT
x-content-type-options: nosniff
age: 572610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17857
x-xss-protection: 0
last-modified: Wed, 26 Aug 2020 22:30:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 May 2024 19:21:30 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1602 20 KB
21 KB 215ms
127ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSx-3_hujPtnR1Q7dm4Om0wj2vbyrZGRt0UeVttct7DSlWBeGG6Dpg3AWTyP-M&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa24589733de4318d93d5ed9ad73a1317920fd49fba49afee2869f94f71d46c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 20:37:19 GMT
x-content-type-options: nosniff
age: 568061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20888
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 17:48:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 05 May 2024 20:37:19 GMT

GET
H3

200

6750730227827852970
tpc.googlesyndication.com/simgad/ Frame 1602
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx
https://tpc.googlesyndication.com/simgad/6750730227827852970

17 KB
17 KB

67ms
66ms

Image
image/jpeg

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6750730227827852970

Requested by

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 16:59:19 GMT
x-content-type-options: nosniff
age: 581141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16954
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:50:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 16:59:19 GMT

Redirect headers

date: Sat, 13 May 2023 07:06:59 GMT
x-content-type-options: nosniff
server: cafe
age: 11881
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6750730227827852970
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 07:06:59 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 2AF0 29 KB
30 KB 134ms
60ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 561510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:26:30 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame DFCB 37 KB
14 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 09:31:07 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1602 0
234 B 374ms
119ms Ping
image/gif 2607:f8b0:4002:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lhlucd21&c=5523705257040&slotId=2761852628520&qqid=CPrp-5GK8v4CFdhlFQgdd7UJcA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/98bc4c9a638189871f190dea2feda919.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:25:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

8065140342024867723
tpc.googlesyndication.com/simgad/ Frame 1602
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqvyNRDYBBi6AjII8O31nyhzxYQ
https://tpc.googlesyndication.com/simgad/8065140342024867723

174 KB
174 KB

60ms
60ms

Image
image/jpeg

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8065140342024867723

Requested by

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8adcd0ddbba74027254ffd67bb552777410daf20131bae845cdcc617aa9a29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 10:05:54 GMT
x-content-type-options: nosniff
age: 519546
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177987
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:50:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 May 2024 10:05:54 GMT

Redirect headers

date: Fri, 12 May 2023 12:09:55 GMT
x-content-type-options: nosniff
server: cafe
age: 80105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8065140342024867723
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Jun 2023 12:09:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1602 0
20 B 94ms
93ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?zx=sofm26kpl7iv&st=lima

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:25:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

videoplayback
r2---sn-pouxga5o-vu2s.gvt1.com/ Frame 1602
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=ip,ipbits,expire,id,...
https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=expire,id,ip,ipbits,itag,mh,mip,mm...

2 MB
2 MB

424ms
58ms

Media
video/mp4

2a00:ff0:1234:3::d
ASOCIATIA-INTERLA...

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0DD20B5FCCA79E885DAF9440FC6016B7AAEE32F8.27FDB8B54B482ACA096E124BE405F536294DA23E&key=cms1&cms_redirect=yes&mh=Bf&mip=2a00:1630:2:608::10&mm=28&mn=sn-pouxga5o-vu2s&ms=nvh&mt=1683972825&mv=u&mvi=2&pl=32

Requested by

Protocol

Server

2a00:ff0:1234:3::d , Romania, ASN41494 (ASOCIATIA-INTERLAN InterLAN Services, RO),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c08670c91452ab6c46063a0bcee6ad7858939b0c4336fa7203f4ee377ded7498

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 13 May 2023 10:25:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Apr 2023 00:05:47 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1662803/1662804
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1662804
expires: Sat, 13 May 2023 10:25:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 May 2023 10:25:00 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=8bcb185af86d5d20&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1683980700&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0DD20B5FCCA79E885DAF9440FC6016B7AAEE32F8.27FDB8B54B482ACA096E124BE405F536294DA23E&key=cms1&cms_redirect=yes&mh=Bf&mip=2a00:1630:2:608::10&mm=28&mn=sn-pouxga5o-vu2s&ms=nvh&mt=1683972825&mv=u&mvi=2&pl=32
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 716
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1602 0
0 104ms
103ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgPo3e2VfZLrAG9jL1fAP9-qmgAexws_xb7CN99TCEeLGub7DOBABIP2--QxgkYSghYwYoAG635v5A8gBCagDAcgDywSqBPoBT9DYNCt09azCzKl2cAmnYR44-qn40qf72AYnv7bRj4FOWJPTgROPd82IsJHnF57mQjAhTr5k4W2dNT70Uf5tvU5ccqQMgLJBhpRJoLHkKXtN1tUCiO1-zSQODLOsPPmtho4YYC4xkhODatfet-sZVYACS8DYe8lHyIN-7tp1bwHF_dd1GDpVWp7V5U3QUqZLi0ERHP8Q8YmTcKfYadsttpMiwOPZD5d4DbwL6WBpaRjrJ6eRqAmNPYxkYb4lwKnyfz_w7Np1dbuAT4wwnkA_vSJxuwgTjrWrHenWWVJ7puzybjJJ6OWUi8F-yXkBF79dYIMRrZ8GTlBzXsAEgYuf36sEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB82D-NIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEISKAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzY2NDM0OTkyOTkxNzkwMBgA&sigh=8boiH9ky_V0&uach_m=[UACH]&cid=CAQSGwBygQiDjBn6rtFVwsnzxspjaX8ViUjhnHTnTBgB&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7664349929917900&output=html&h=600&slotname=9030630887&adk=1907338042&adf=2404123270&pi=t.ma~as.9030630887&w=300&lmt=1683973499&format=300x600&url=https%3A%2F%2Fwww.tourismcambodia.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683973498965&bpp=1&bdt=337&idt=438&shv=r20230510&mjsv=m202305100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C875x280&nras=1&correlator=3440518284349&frm=20&pv=1&ga_vid=278920910.1683973499&ga_sid=1683973499&ga_hid=1264480997&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44773809%2C42532089%2C42532185%2C44759876%2C31071755%2C31074512%2C44785293%2C44788442%2C44789923&oid=2&pvsid=1241435849621186&tmod=471680396&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=VzzLaXQAi8&p=https%3A//www.tourismcambodia.com&dtd=441
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 May 2023 10:25:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1602 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb960ec99961eede62ee15cc7abbb9004e7f6316ada4d289b6161e92f7599ebd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1602 18 KB
18 KB 113ms
113ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:40:47 GMT
x-content-type-options: nosniff
age: 114253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18560
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 02:40:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 231ms
111ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53450ac66eb5987513c12f66c2c339763000c9dead6febbafd734e58a7aa88e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11165
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 2FB2
Redirect Chain

https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=197239102370&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5bc5d5...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D197239102370%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com...

0
0

104ms
104ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D197239102370%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5bc5d5fbb22e4%2526domain%253Dwww.tourismcambodia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.tourismcambodia.com%25252Ff2fd8bc609d58a8%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTourism2Cambodia%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=30aa7ff2c1563389c410caf09b77b534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 13 May 2023 10:25:01 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: c4aYYC5vbt7+xQTPNNIb7cYX6TiUnt9BSbxO/Razgeu6U3LQSxkWunj+NOqtWC2KW77FfsaLWYyKfMIBHHj/Xg==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 10:25:01 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D197239102370%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5bc5d5fbb22e4%2526domain%253Dwww.tourismcambodia.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.tourismcambodia.com%25252Ff2fd8bc609d58a8%2526relation%253Dparent.parent%26container_width%3D263%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FTourism2Cambodia%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
origin-agent-cluster: ?0
permissions-policy: accelerometer=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: zI6qpVFd8npoicnfPET/og4VSZOhqrLIgA84JVUMD+ksNjixvp0iGP15vAbCeKX1qqcW97vPh/2uqKc4e4eqyQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 74D0 37 KB
14 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 09:31:07 GMT

GET
H3 200 360-230_sihanoukville.jpg
m.tourismcambodia.com/img/thumbnails/ 32 KB
33 KB 41ms
40ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_sihanoukville.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6ef684ad35cfb8ae7f36707949e37e746d7073e120c8b8d857ed87fbca3fba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 08:27:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3252
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IN4B812TxbHOKIXf0poCDUDOwHc%2BEiZXP0dEMi95NQv%2Bn0qkToyOW1eBjLpQv1xiCQnKJbHCjOhG1%2BETGD24QKrhULoXNTtohRq%2F4uTh0joaqGLUXgtf4TyBdk%2BtJ4IYRDaALdAzQXIdx9%2FSsXnw%2BEG9k%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31efcb2e06d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32853
expires: Sun, 12 May 2024 09:30:48 GMT

GET
H3 200 360-230_kampongthom.jpg
m.tourismcambodia.com/img/thumbnails/ 78 KB
78 KB 44ms
44ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_kampongthom.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93899b85a41ffb62c5c89ae6e3e9c0ab2cb3bd8f79b525bbe4b5655cf9ff112

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 08:34:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2945
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU7xcVCR5t5eVzosW1GpeWqRh9aJ1W2OpgXIht9z2Cto%2BNkmqFFZSf6lQe1CSEKJBBv2mMKfBBEIfVKRSC%2BHE%2Bt5eBF4e6ON9QdOza%2FtqXrB9T8Cr2eouVH6eSjFa%2B6hyP0%2FNql6%2BNKig9%2FtEhIxBukmWnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31efcb3006d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79367
expires: Sun, 12 May 2024 09:35:56 GMT

GET
H3 200 360-230_kampot.jpg
m.tourismcambodia.com/img/thumbnails/ 38 KB
39 KB 70ms
69ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.tourismcambodia.com/img/thumbnails/360-230_kampot.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b51829fa70648b89cc21a99023d92a190a750fed087caa3e321e9220e5791b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 08:15:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2945
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY9AY4CG7YK4KjQw3L7TfCLdO3F8ZaHvWB2gP4tELQRUCRmWCjMEylI30DC%2BnrFDgfT0yV61WRliDDoMxDwNKX9RCV2d9I60k9SivBjB77GcPNYrCf%2BUdmJdjI682UXweYfZ2%2FuCXYI4mT9UoDQlBor9ctU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c6a31efcb3106d4-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39364
expires: Sun, 12 May 2024 09:35:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 10:25:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AF0 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0gKkEswqou03uKreMkLqzWFQyS8KEPsAmEXx9yysji3dRipgdjB3nPmqkecnpsCqm1M4m0o9ZXzBilY-xpfvJeKYxDYytiAHrIVFYxIrygXUPHOTrFITUEntYtMWaiKopqhDuQA&sai=AMfl-YSf4WStHCawIMKvO3zZxTF1ONxAEYI5NZavjzO_KO5hlU-v5bKIQqHWDTp-2hzpIP74xu1I0KDVZj7q&sig=Cg0ArKJSzL19f-mH2UavEAE&cid=CAQSGwBygQiDcxiOw4qXNBfyrL5D0CskMV87Kf2QBBgB&id=lidar2&mcvt=1002&p=0,0,280,875&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1624935043&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683973499381&rpt=1300&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:25:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0442 13 KB
5 KB 61ms
59ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 09:31:06 GMT
expires: Sun, 12 May 2024 09:31:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C43 783 B
535 B 69ms
68ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77557a1c8e237cb5da6688a29d6afc851762fea913fede8c232244d8521ca770

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W4aHVXomjSpbYYbmNXFQ2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tourismcambodia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-W4aHVXomjSpbYYbmNXFQ2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 10:25:01 GMT
expires: Sat, 13 May 2023 10:25:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0442 37 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 09:31:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C43 0
0 94ms
94ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1241435849621186&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0442 0
10 B 60ms
59ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-Svl3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 10:25:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
98ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1241435849621186&bg=!dXaldiLNAAYldGN0BXQ7ADkAdvg8WtspkSQ8KjhiuWWWZJqmZH_1H7BapSBT-mMrSEFeN-lr_lQ5ETSmPMOljQUcDGy1oytGhwQCAAAAVFIAAAADaAEHmQKsXwZGXx_py5n7SO69LHpaSFO78IFdUKZQad5oDV3ZZfSxOQ-9ZtlEg64lQMb0gDtil2z20S4Xdd5bQ4f416vIi_PbsdNmVRPB84OF9okxWQvVpae6me_ithX1DvZsyNbNFVt4LvuzPmM7egenedR-bQzEStu4f9mKyNMwwVo-LTQDGqzCTnhHxKn2VuRky8qsD_wpC_4Syf_C3mBoqwZ558TLH8jXNVS5Xi0gFRAsyGXtYNSsbXGLB4k6rOP7JZN3G0WOw5ZcHXKA4CxGBGmDx3Es5deO72rOs1d3Uzt-NQIs2H1YiqmawXN6fE2Vz1UP0KSwTDDKtYVQ8tQNYqtl_A9D4N1xUaTxUpWU3iRYbNuvYsA4La1pnQZwmJ2pFmK3VOFCykbUnawYP0Xzu0wcyhgFDXV9In3jJ0i3AvPVlEMLmfHsWjfpYadar4e2aNPceKyqNrNkKSBJPsfR3OWmuBHA_O6Fp2ot6OubymPOl1WHVs2mYMZ2Qkg0GFUORKnbfAIwSFHq6zfxbJgIGc_BUoVPjd1B7lfgbYdnrP_vRd3BdTPO2BHAr184_MrALteudKqxppUL4JPAMB62VeSpo0hiU2tc_R8un9R-qPHeKu4KdACsWCaib8-NkvqEnmnMLB53wpENyMupoJ-LzN94P-6iQ14w-NcBcjUHXs3aNB3oCtcs3FjDo8DA7BZHr8bCK7Ij7G2bnTPcMCbEI7i--HBNuhwSKFcIvuIE8IUlWdQx--0FaLmz6doqy6Od26ld0IeZvBLUo1dGFVkx7NqzySxJYOOStn9Hrrt9XjKTzUA4kew3XkOZTXsilhCbc7CdRnGY_otD1TCSokRi5Ou7qDbnfu90PshP8G7BJS73Xo1Mv_XXDkwXg0mMUi24sMezKiqD7dnq_nxugnxP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.tourismcambodia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 1602 0
54 B 121ms
120ms Ping
image/gif 2607:f8b0:4002:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lhlucd27&c=5523705257040&slotId=2761852628520&qqid=CPrp-5GK8v4CFdhlFQgdd7UJcA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/98bc4c9a638189871f190dea2feda919.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 10:25:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avsplow.com/	1970-01-20 20:31:49	Name: nuid Value: 4626c9be-3b16-40cf-ac88-36559598df08
.tourismcambodia.com/	1970-01-20 21:22:13	Name: _ga Value: GA1.2.278920910.1683973499
.tourismcambodia.com/	1970-01-20 11:47:39	Name: _gid Value: GA1.2.694434653.1683973499
.tourismcambodia.com/	1970-01-20 11:46:13	Name: _gat Value: 1
.tourismcambodia.com/	1970-01-20 11:46:15	Name: _sp_ses.1b84 Value: *
.tourismcambodia.com/	1970-01-20 21:22:13	Name: _sp_id.1b84 Value: bf632b0d-b25e-4130-b0c4-6828d7aabe49.1683973499.1.1683973500.1683973499.8cb80bf6-ed90-45dc-ab58-97333dc730c2
.tourismcambodia.com/	1970-01-20 21:07:49	Name: __gads Value: ID=8748e7b1ce97f1ae-224b485d9fdf00c3:T=1683973499:RT=1683973499:S=ALNI_MYMaziOoUS2nXrC_swqf5WmGMYxxA
.tourismcambodia.com/	1970-01-20 21:07:49	Name: __gpi Value: UID=00000bf9d200b623:T=1683973499:RT=1683973499:S=ALNI_MZtykv6RSN5vxj7UqmjJ7Pahhh-VQ
.doubleclick.net/	1970-01-20 21:07:49	Name: IDE Value: AHWqTUkhT61CPZbZec3BvSf0SwnqV1-hY_zoJTmPTDrX_QvB6OAM-Q6XXXrAIQlH_gI
.doubleclick.net/	1970-01-20 11:46:14	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://www.tourismcambodia.com/ Message: The resource https://www.travelpayouts.com/mewtwo/styles.css?v=1483 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
api.camboticket.com
avsplow.com
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
csi.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.tourismcambodia.com
pagead2.googlesyndication.com
partner.googleadservices.com
pcontrol.tourismcambodia.com
r2---sn-pouxga5o-vu2s.gvt1.com
redirector.gvt1.com
ssl.google-analytics.com
st.avsplow.com
suggest.travelpayouts.com
tp.media
tpc.googlesyndication.com
travelpayouts.com
widget.camboticket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tourismcambodia.com
www.travelpayouts.com
13.224.189.27
13.32.121.118
172.255.224.36
188.42.198.44
2606:4700:20::681a:677
2606:4700::6811:190e
2607:f8b0:4002:c02::5e
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:ff0:1234:3::d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
076a05d5a001442fc2dd88ae7a248bdd932d84fe6ab08ca41e4261104ebbde16
08c6df6675aa9335318105edf2dae0e633d9b9b5e023d2f7d312dee6850b1013
0aa24589733de4318d93d5ed9ad73a1317920fd49fba49afee2869f94f71d46c
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0d8e96f85f2e0c212044d70f12698d9f131af600a72bc0acd9cd4e192ca409fc
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1658873477ef275f79fec84be7fbd506e6c313741a72c837466dda0881a3a876
1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0
19dfebf0380de62e0055dd36883ae51711b4a8d37c6b83a9b011bb4e1c136a3d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebc81f081b511c6bcf50a70d7ea6eb45007a2d5415109bae5d133485f6a1d16
1f758e6b674531cc073db8e5327ac4350e9487e6b5194554eb6c7098be663bc1
213d62a55f2c027b54452be9fa8c74db7d83491739207f627b68e7a11a994d0b
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2691145380a6cc155640179b03e7294f88d38d9b6b89a1d4ba92cd940d643a18
27011a6696ebdc77b7ebebb8d56c0a9db78e9fb52f55264cd37f38868e3a5466
271d8095bb5dc646ef702e39b24ff2c1bedaeeeeb437e36c939e7c365a1b0c3f
2ce1daf49af2dfb4ad890901aa7ca0ac5a453fa15775327467f2be02f64f31df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321ef3775409fa7efe822521067848af08a4e90c813dba82c78c162cbc8b42a9
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
34d4ac3932b81b5dd2533e78feb3adc37d5e51f943387b36741cf56b6ddf4b13
3606a801fc04694654a22277878ad15c8dc2f1a1a867d66945ddb19c53d1ce34
3d382b1bc51e7978eadfe7ae08ad5156c3eb7a720c956487d2e4913611a0c45d
43a70ae3c56559e35c1d3869bede11f1eb865e7b4c04e053e976bf7076b10803
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
455fcb0db43f893962b7db5c59c718670eb82247c1ddaf95b8a94485448b68fa
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
53450ac66eb5987513c12f66c2c339763000c9dead6febbafd734e58a7aa88e9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5627529e11b9dc9abd9754a8011415cb5244d37c15cecfafc2c05ba533c1340e
583f5bc51bd645a3bf75b24bd9d8a98be7fcfaec965b1a7693e09ae0c937c2d2
5fcbe75fb7c90b2533caebd4b761453a36fd4546bd56fffe65999e897945f5d5
61897273475291f0abda176fe95ee40aec14f20b36401cdc30995d21b7e37459
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63142a5ef8d7dea4b337b4dd18727fa094f66e84afe28d0f36e0a44741b349c3
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6ac634de651a00d35ca7df1c8d269e8d7d2dd31342483c0c6caa6f44e7c56cfb
6cb7968c64c47bd53d617dc2de0be3a6dee258030b849634219da50315fe7445
7096bc4b0175537a80f7edf9f573898f610729d295028833119595babe1a2394
77557a1c8e237cb5da6688a29d6afc851762fea913fede8c232244d8521ca770
78235a656b6598ebbcb710d298f58ce1a8404e66fb8c4c4a890e3a1c44d14d5b
7e26174b3a4a64a517d9206c427bb0ecf51a07d67391a4c58ad8d41fb20bc572
897a19816a1ac616fd039bdfa135b3a1023a566f0ba31df4970a3a84edfb93dc
8f6ef684ad35cfb8ae7f36707949e37e746d7073e120c8b8d857ed87fbca3fba
900d0fe4c45bb781a90b343af250ebbb042bb67a3849bdf336c23578ee00c2c3
94880f3d414008c06bce44eb53973e7fbb77bf9becc1a814df58a51189d0a880
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5873ee5e910cbb96514f1411c8754837ad6597ab7dad44e6a2614e3846e6a14
a8adcd0ddbba74027254ffd67bb552777410daf20131bae845cdcc617aa9a29e
a8b788b89e44c3dfbef77b5fe8087b5a2e3a303e81968d9049406e8ba89b4c94
a93899b85a41ffb62c5c89ae6e3e9c0ab2cb3bd8f79b525bbe4b5655cf9ff112
ae463e87d0f8cfac45d05fbf8139f015ec3d8f68502defa5f29ea235922e1f53
af94bc8c9ac7a167acd6164ea33d47f376ddda0328a39fb83a0a82bdc0b5afb1
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b3f553bab667cd9c443e16944e253b1fa87626000fdd4a5a5249901d1a1ce117
c08670c91452ab6c46063a0bcee6ad7858939b0c4336fa7203f4ee377ded7498
c14c5e17dfe628e18a965eebff2c03cc7cd0fdb06529f6415a800dedf57884c8
c1b51829fa70648b89cc21a99023d92a190a750fed087caa3e321e9220e5791b
c266b32e3008dfd1061e143c92be4bb7e6e293a80005e23c7289f932001b2bff
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da5c06806fa44353eab0aa8ce686966e0cdab3a81092a50019226dbfb34812c8
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dbbd02956897dd3950c78c8af1836d1bfae3697501d58081ce98e21a1d911818
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd03cc850f6f038006794970052c7e68a248f01746dbf097781deb46683f6412
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaf32d8a0c354aa0e1591575ce6158bf2767bcbee0e028aeeddb5a7fd4ce4ac9
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed9606008d3b30e48f1dcbde8fcfdcb1f86d9a313f241969cf48239d4ddff0f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd95a582dbbf8c3a07bd56f1fc49b0d3733ff96a07856fc4ae1a6817f158786
f45457d866bd718cde7e184dc909841b02a946eaa210ec6554469f5624c08b72
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5d34d4bf6e5a63ae3631197d90e93d6dc39056d93047db12b64918b83ffd9f8
fb960ec99961eede62ee15cc7abbb9004e7f6316ada4d289b6161e92f7599ebd
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.tourismcambodia.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

86 %IPv6

18 Domains

35 Subdomains

28 IPs

5 Countries

4575 kBTransfer

10492 kBSize

10 Cookies

18 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tourismcambodia.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

86 %
IPv6

18
Domains

35
Subdomains

28
IPs

5
Countries

4575 kB
Transfer

10492 kB
Size

10
Cookies

113 HTTP transactions
4 data transactions