loykratong.billbuild-studio.com Open in urlscan Pro
2606:4700:3031::681b:8280 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://loykratong.billbuild-studio.com/
Submission: On October 29 via automatic, source certstream-suspicious (October 29th 2020, 7:30:10 pm UTC)

Summary HTTP 58 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3031::681b:8280, located in United States and belongs to CLOUDFLARENET, US. The main domain is loykratong.billbuild-studio.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.

This is the only time loykratong.billbuild-studio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3031::681b:8280	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10c... 2a02:26f0:10c:4a3::1349	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
58	17

30 2606:4700:3031::681b:8280 (United States)

ASN13335 (CLOUDFLARENET, US)

loykratong.billbuild-studio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.111.153 (United States)

ASN54113 (FASTLY, US)

gitcdn.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:4a3::1349 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	billbuild-studio.com loykratong.billbuild-studio.com	591 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
3	doubleclick.net googleads.g.doubleclick.net
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	47 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	61 KB
2	github.io gitcdn.github.io	2 KB
1	facebook.com www.facebook.com
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	320 B
1	google.de adservice.google.de	168 B
1	googleadservices.com partner.googleadservices.com	410 B
1	createjs.com code.createjs.com	47 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	jquery.com code.jquery.com	122 KB
1	googleapis.com ajax.googleapis.com	33 KB
58	16

	Domain	Requested by
30	loykratong.billbuild-studio.com	loykratong.billbuild-studio.com ajax.googleapis.com code.createjs.com
4	pagead2.googlesyndication.com	loykratong.billbuild-studio.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	maxcdn.bootstrapcdn.com	loykratong.billbuild-studio.com maxcdn.bootstrapcdn.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	loykratong.billbuild-studio.com www.google-analytics.com
2	connect.facebook.net	loykratong.billbuild-studio.com connect.facebook.net
2	gitcdn.github.io	loykratong.billbuild-studio.com
1	www.facebook.com	connect.facebook.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.createjs.com	loykratong.billbuild-studio.com
1	cdnjs.cloudflare.com	loykratong.billbuild-studio.com
1	code.jquery.com	loykratong.billbuild-studio.com
1	ajax.googleapis.com	loykratong.billbuild-studio.com
58	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.billbuild-studio.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
ssl.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-03` - `2022-06-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://loykratong.billbuild-studio.com/
Frame ID: 49F641F0FF3F95C5D85103B933C4C331
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/zrt_lookup.html
Frame ID: 5CDC14F52CC5509442E6A9ED34644F89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2564185992965455&output=html&h=60&slotname=9033888011&adk=1646585214&adf=2900977362&pi=t.ma~as.9033888011&w=234&lmt=1484846886&psa=0&guci=1.2.0.0.2.2.0.0&format=234x60&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793175&bpp=24&bdt=232&idt=149&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4073114284621&frm=20&pv=2&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=10740039743&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wJlzW6HVyR&p=https%3A//loykratong.billbuild-studio.com&dtd=168
Frame ID: 0AF24D0A84CD86B7F797A78661A6EC85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2564185992965455&output=html&adk=1812271804&adf=3025194257&lmt=1484846886&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793251&bpp=1&bdt=308&idt=112&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=234x60&nras=1&correlator=4073114284621&frm=20&pv=1&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=45099778111&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118
Frame ID: 468CE5B395C323BEBAF2407CDF7E10F3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=334786236711202&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f1bb75ec05cc%26domain%3Dloykratong.billbuild-studio.com%26origin%3Dhttps%253A%252F%252Floykratong.billbuild-studio.com%252Ff79e58d9dc4f3c%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Floykratong.billbuild-studio.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: 1C934F7D72AC1BF16366429C36BBBC60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6D8955132FDA81F3213F3E4FDC88CCE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

58
Requests

98 %
HTTPS

88 %
IPv6

16
Domains

17
Subdomains

17
IPs

5
Countries

1097 kB
Transfer

2358 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/billbuildstudio
Title: Facebook Page

Search URL Search Domain Scan URL

URL: https://www.billbuild-studio.com/
Title: BillBuild Studio

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
loykratong.billbuild-studio.com/ 11 KB
4 KB 266ms
220ms Document
text/html 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10dd8a26af7302821cf4185ef7d5f5b59a049b1e7a4d92420adc6945f37cab26

Request headers

:method: GET
:authority: loykratong.billbuild-studio.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 29 Oct 2020 19:29:52 GMT
content-type: text/html
set-cookie: __cfduid=dbd6f9e7c524bc4509ac4005fe8d9d4121603999792; expires=Sat, 28-Nov-20 19:29:52 GMT; path=/; domain=.billbuild-studio.com; HttpOnly; SameSite=Lax
last-modified: Thu, 19 Jan 2017 17:28:06 GMT
cf-cache-status: DYNAMIC
cf-request-id: 06176f965300001f25a99de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T0aHshZ0psreJ1dW7P%2BEoixj%2FgHJZ6qKUP1zFh7846aDa6zL%2BlsKuMwt3pkkJ2KZgAoHpOwfKUisQnW6zn3bkXJM%2BuHpeZaS8iywKLIIDjN0E%2BL%2F%2FAgx616OTQT2f7FBfQhHx8xao%2BUFaz8X"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e9f4ed08ac71f25-FRA
content-encoding: br

GET
H2 200 style.css
loykratong.billbuild-studio.com/css/ 5 KB
2 KB 228ms
227ms Stylesheet
text/css 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/css/style.css
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f41de51bb8efeaf69b2ff69eca79ef0f3b4427c6ffc948ccffe34c9857b20e

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2016 14:29:20 GMT
server: cloudflare
etag: W/"5825d5c0-15e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4BqAe8u3J3MkYdqVvgAzdkLwlyF5qr7MUTeFWrFwG2jSEqLam3KMOmMN4inaBMWtlQhj9AY4%2Fu2EVl9K1pq7TIsAqamoLMjupFaTVRQMAxEEyvQOTc7Fj7Ou2MzEuzT25Uc58z81TbzHNfy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e9f4ed1edac1f25-FRA
cf-request-id: 06176f974100001f25a99f4000000001

GET
H2 200 object.css
loykratong.billbuild-studio.com/css/ 1 KB
581 B 201ms
200ms Stylesheet
text/css 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/css/object.css
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e6a0e62b8db2f104ec22e6398b1d0a7e91666e97535ebc0d341665331e8917

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2016 12:39:55 GMT
server: cloudflare
etag: W/"5825bc1b-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UibCBlwT15n%2BJZvvPT0KLirJV4SsHWigSR12k0gbYZH65hhQCeioptizgcGGOYwh3hmKoZccsyXeJ5y78lxQnKcmaax9Ds8v3lETOipE%2FXii4V60NTe8RzCxH2nVl0CBtFtqFGxHO23Jvb0x"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e9f4ed1edb11f25-FRA
cf-request-id: 06176f973600001f25dfba9000000001

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 26ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://loykratong.billbuild-studio.com
Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19879

GET
H2 200 bootstrap-toggle.min.css
gitcdn.github.io/bootstrap-toggle/2.2.0/css/ 2 KB
755 B 131ms
39ms Stylesheet
text/css 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gitcdn.github.io/bootstrap-toggle/2.2.0/css/bootstrap-toggle.min.css
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: ac3597e97ae646db56c9505e3e19aba479e767510f98ce96411425ea1d21ec9f

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: d8de4211754af85f5b9e954377fb88acbea47894
date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
age: 177
x-cache: HIT
status: 200
content-length: 548
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2016 21:46:39 GMT
server: GitHub.com
x-github-request-id: 70BE:7AA7:12430FB:139A54A:5F94F390
x-timer: S1603999793.056665,VS0,VE1
etag: W/"56eb25bf-636"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Sun, 25 Oct 2020 03:50:00 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 logo.png
loykratong.billbuild-studio.com/img/ 24 KB
25 KB 193ms
192ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/logo.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251cc1b3df71c6baa3525635aa5e1751be31269baa8242b9d8354a2b2eca212b

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 25057
cf-request-id: 06176f973a00001f25eca10000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-61e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FzNYnxOcI%2FIIZhsIVy8Fvi9VxplyRGl1IdqWRoGfU8YpiTnjqtyhuAeeszZOGlnH%2Bq9PTsxySSs23kQzcjzLGj%2FU5%2BhKYpuCt4JVa4tQQvCn3JnfiDXK3X0m7oppz4%2BrWDOlieGCmyeCUIzx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed1fdbe1f25-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d31b403d50de1e8963d1cec655091f98986a25cfb62f2a2dee9e884b216cf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46100
x-xss-protection: 0
server: cafe
etag: 67665156092700810
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 19:29:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 18:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3049
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 18:39:03 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 30ms
13ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-7f20a"
vary: Accept-Encoding
x-hw: 1603999792.dop159.fr8.t,1603999792.cds209.fr8.hn,1603999792.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 jquery.ui.touch-punch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/ 1 KB
1 KB 34ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 688498
x-via: cfworker/kv
status: 200
content-length: 493
cf-request-id: 06176f974b00001f4d7cb84000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: "5eb03ec4-50b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pyWYHGlVWTb6FHIpCf%2F5kq7kaNEdVBv7uGPNIQgathqWEeFvk0q0JM1%2FE2owj9J8yK5OSulA8XHwJoBzeyKPxG846e0Q23TYMHxXtVWUAkZ%2BtTstaUFwUvWUdOI5kOgy8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e9f4ed20d191f4d-FRA
expires: Tue, 19 Oct 2021 19:29:52 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 29ms
16ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://loykratong.billbuild-studio.com
Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9743

GET
H2 200 createjs-2015.05.21.min.js Show response
code.createjs.com/ 180 KB
47 KB 49ms
19ms Script
text/javascript 2a02:26f0:10c:4a3::1349
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.05.21.min.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:4a3::1349 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: e6c1059a70091b12ccb30238ae20ffe17d8ebf768dbb669c01974f9eb0309175

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:52 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
x-akamai-path-stats: [1:504:3496]
expires: Thu, 29 Oct 2020 19:44:52 GMT

GET
H2 200 bootstrap-toggle.min.js Show response
gitcdn.github.io/bootstrap-toggle/2.2.0/js/ 4 KB
2 KB 129ms
39ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://gitcdn.github.io/bootstrap-toggle/2.2.0/js/bootstrap-toggle.min.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 799360060bad2c8e3bacace97d48e2fdd0fdb7a2d1b36808dd8a9729da033a6a

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 1d0094fd5398f9df840509315d35486b83249ce6
date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
age: 368
x-cache: HIT
status: 200
content-length: 1331
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2016 21:46:39 GMT
server: GitHub.com
x-github-request-id: BE9E:F159:FB287F:109E84A:5F8119CD
x-timer: S1603999793.056655,VS0,VE1
etag: W/"56eb25bf-1021"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sat, 10 Oct 2020 02:21:43 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 jqfloat.min.js Show response
loykratong.billbuild-studio.com/js/ 2 KB
1018 B 182ms
180ms Script
application/javascript 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/js/jqfloat.min.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3af78da1d928290657e104eb70027dd60dc212fdbfd4c3a90e2310a4f1819c6

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: W/"58259ec1-6f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s6IZZWqSzF%2Fy2f7pMWHc%2BtrtFfrwoArMz1YmcE%2FHHSgH4YS2ukO2K%2Fr0rrmrGB0vEwtXVeqnkScLRqFzWxt3OKwhSNBaIg8%2FrMJcVH2xP3aePWCKdk9n8M89UHpu0h3XNX9J73ZyTN9P%2FPvy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e9f4ed1fdb71f25-FRA
cf-request-id: 06176f973800001f25efb13000000001

GET
H2 200 objects.js Show response
loykratong.billbuild-studio.com/js/ 2 KB
1013 B 217ms
215ms Script
application/javascript 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/js/objects.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f414f73d6bcbb30023c23cbd04bd6606dd0f3d9d750d9c75a3d82cea7601f6

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2016 12:39:55 GMT
server: cloudflare
etag: W/"5825bc1b-9d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wiWX2ZDxmUQFcrhruch5f5rTMhyXcFY%2B341WY%2FEu72w0kIjRPya1CnQWhqht546BrRn3BnQz%2FKtGXVnTpCFrS01cufcDhUfLtrGiqWDcC0zB7aqWArElf24vpm%2BnNqwII1BsB%2F4%2BLxDE7NaA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e9f4ed1fdb81f25-FRA
cf-request-id: 06176f973800001f25e93ef000000001

GET
H2 200 script.js Show response
loykratong.billbuild-studio.com/js/ 26 KB
8 KB 275ms
273ms Script
application/javascript 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/js/script.js
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8bd6ec652f33b26a2353c63c21f575bf7052998a0ad9d1830ba2783d288ef8

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2016 13:15:14 GMT
server: cloudflare
etag: W/"5825c462-6617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nvvYSUoIO6AqgTUu3s7LjAldUlz1m4UdboRb6dYQlCenQXtOu887MNaN6eIG6dyUDpk2s44NajG%2BgddjClRPkFuybymlw4FXGP6AACZo%2Bn0YZA%2FNTMrzxff7ncniZ4awBHMb3trtW4qBlgmn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e9f4ed1fdb91f25-FRA
cf-request-id: 06176f973900001f25e38a5000000001

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/ 230 KB
86 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1650b4c9b0faf47c6277bfa8ca644a76a4324698552124b26f42fa45bd415c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88177
x-xss-protection: 0
server: cafe
etag: 6569080428894319167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 19:29:53 GMT

GET
H2 200 bg.jpg
loykratong.billbuild-studio.com/img/ 10 KB
10 KB 228ms
227ms Image
image/jpeg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/bg.jpg
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b396d50f8df31cc6f082c85e0f924bbe5f419055464bbc1755b065884d82df0

Request headers

Referer: https://loykratong.billbuild-studio.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 10058
cf-request-id: 06176f982500001f259c939000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-274a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IuNqDjRJNUMvrVMugGGrH55MtGFZ7nyNDX2Qhwk1vArNjSp2Bwg6UmUzmzhyxBhhxR%2BoNxFtxFRqimBR6TB0zxzJId%2FX5fYXiqu7CDWJ0cQGxg5GO2E3n3UZIzbXdYQC9QOvtriTHSs%2FnwOk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed3689b1f25-FRA

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/fonts/ 18 KB
18 KB 10ms
10ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://loykratong.billbuild-studio.com
Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/ Frame 5CDC 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201026/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loykratong.billbuild-studio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loykratong.billbuild-studio.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 29 Oct 2020 02:14:20 GMT
expires: Thu, 12 Nov 2020 02:14:20 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 62133
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sprite.png
loykratong.billbuild-studio.com/img/ 86 KB
86 KB 293ms
292ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/sprite.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2327eafab7fc6346d8c208e52330b4e911375aa10f5e2320843cd5523843cd65

Request headers

Referer: https://loykratong.billbuild-studio.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 88026
cf-request-id: 06176f983900001f254425a000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-157da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VLE9WkvTnpG88fklHpzP9IN8NcY05zPRYv96GIHP0s3Je1jEzuMfnRmTdedLlGPPO0C%2BnC4hlCdsfJlAXclScDnCsAb9szhG9MU8jJCRiv%2FkPR0zIGS2Ubl%2BJhQIHsQEA4MUE6D2CRJQqlck"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed378d21f25-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1ab0c6e495275973b67b8294b5ecfd18e3dc2d493de1491f341522ce48e6efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +TiGHtTP4QAv0Lu+cEouoA==
status: 200
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1778
etag: "ac0f92b4c234c50deb522214e8225c91"
x-fb-debug: DyQkGQ/XSXksZv8YdjM/xS/kQEPN0oOYZKfQckiaBaSZd3MPOci9O3Vbbu+ySnsngANijMGtwO2gex9+SKlYOA==
x-fb-trip-id: 664085054
x-fb-content-md5: f6d6f675172a94b1572327ad9c84e3bd
date: Thu, 29 Oct 2020 19:29:53 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Oct 2020 19:46:48 GMT

GET
H2 200 rock.png
loykratong.billbuild-studio.com/ 14 KB
15 KB 212ms
211ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/rock.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce002324c9a3956909860804317974535d1696202fd4ff662434a72fad05904c

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 14695
cf-request-id: 06176f987600001f255e127000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-3967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=khHsEmgkiq66qfF%2F%2FGNIpc8EnFQkJXQwlu7UX7I2noRCVKI8TtV%2F9QFrecmaRLbCSMkghrtO%2FSGCiDPnqFvQ5cZwJ8PQKfuJC30f9YKWJsKcosCynB618bcttLlGExmrHjLOFd9PJifRlJi3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed3d97e1f25-FRA

GET
H2 200 drop.png
loykratong.billbuild-studio.com/ 996 B
1 KB 212ms
211ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/drop.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c26a09b6c2bc5bb752a162f8cc8a2aa254b7500bc66060c3a2aabcac9657a650

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 996
cf-request-id: 06176f987700001f25e9006000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-3e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bmu31DLzXPRGq85OgSnTprwSKpeOWNuxiOsQQiGKKnBd%2Bd7fMSQN1uSJTSUXrQ45rxhW7McyLPV4a%2Fw%2BUG%2BsTvel0HfYA4YYoh1iLJg7aWZTt6vggKITGYchpb21703k3c9ZDMwLuyhGiRZ2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed3d97f1f25-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6028
date: Thu, 29 Oct 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 29 Oct 2020 19:49:25 GMT

GET
H2 200 40 Show response
loykratong.billbuild-studio.com/api.php/getWish/0/ 14 KB
2 KB 218ms
218ms XHR
application/json 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/api.php/getWish/0/40
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0392c939fb9e02e62b846a294fe2d978bd17bf2b96241ce88a2e3d1d1a7def

Request headers

Accept: */*
Referer: https://loykratong.billbuild-studio.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I6F6ZiVFh%2B9rGElmBoFxSC%2BMNdueFD4vUKdedNdgO3LqAuMUtMVWQeI311ag%2FZlD3lsw%2FeP4Hioq%2BWoFMqPowtfIuSl2J6XsGA7yYnc6NbFiY6cPX%2BFO3ikkzqNgAZ2zhK%2BZZr04pOdDrDiW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
status: 200
cf-ray: 5e9f4ed419fa1f25-FRA
cf-request-id: 06176f989100001f25e4ab5000000001

GET
H2 200 firework1.mp3 Show response
loykratong.billbuild-studio.com/sound/ 25 KB
26 KB 208ms
207ms XHR
audio/mpeg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/sound/firework1.mp3
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/createjs-2015.05.21.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbfd66b174b006cd348e6ea063f81011ecd731e9134fecb6278ea70ed163a99

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-64a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9irQdyvEh0nY3mKEssAUO0AaDC2wqDccJuiZDAdbXvrScSsRxjxrG0dWxEveFfqjW9iLWQhErPmLbFMoUywvN%2FWtc7u6XqkkbLD2S0fQULRNmFGRNOJ0lC9YQYX%2BqZezCKBXMCV3OzmbWZf"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
status: 200
accept-ranges: bytes
cf-ray: 5e9f4ed42a181f25-FRA
content-length: 25760
cf-request-id: 06176f989d00001f25f4192000000001

GET
H2 200 firework2.mp3 Show response
loykratong.billbuild-studio.com/sound/ 67 KB
68 KB 242ms
241ms XHR
audio/mpeg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/sound/firework2.mp3
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/createjs-2015.05.21.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47681310bac0643761cae8074cc0e265f7b98a0fa0f2dc2ac0c7267cf7b6b9a1

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-10c29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zj1W1U9UkHQK0hY3N6sSVyxHaJgj%2FUmqnCTXDApznsjgqhYRItthJDPWJ80STxb7edcO4cSNSzuozT9DNFP2GH5nGmYVv5o8XaseOJkcTcS3ytN1wSeYZ1KvHnC9jCcGkrbg8mi813FMVwHv"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
status: 200
accept-ranges: bytes
cf-ray: 5e9f4ed42a1b1f25-FRA
content-length: 68649
cf-request-id: 06176f989b00001f25a9a07000000001

GET
H2 200 firework3.mp3 Show response
loykratong.billbuild-studio.com/sound/ 45 KB
46 KB 293ms
293ms XHR
audio/mpeg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/sound/firework3.mp3
Requested by: Host: code.createjs.com
URL: https://code.createjs.com/createjs-2015.05.21.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e374b102917f3f41cb2caff1cc31375e6f0d4e0d7ddfd4ab84bce1ce14b619e

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-b5d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0U%2BTz8u%2BvEPer0aGFYeNZGSROa3EyRGItzc1UfVmbvbTGY%2BpAFM7QH2wR6oZT51TBwP1psNq%2FQTKVlivmEMgbqv2jAfC2UWjuuwWnPGzhbYsuhgi0TnG4lVO2LHdj5%2FHaypw7rtfiG%2Bnu22C"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
status: 200
accept-ranges: bytes
cf-ray: 5e9f4ed42a1d1f25-FRA
content-length: 46545
cf-request-id: 06176f989d00001f25efb33000000001

GET
H2 200 kratong1.png
loykratong.billbuild-studio.com/img/ 24 KB
24 KB 275ms
272ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/kratong1.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072c01f8da3f785130abf4693424eecd4875ad670bd05729faf3785e92e92f91

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24578
cf-request-id: 06176f98ad00001f25f1ad6000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-6002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Q5tI9SCtohKhGwro%2BLD%2F7C8i08EmQviVwFuhYr7QFxXVJZZDfa4Q1I%2FM%2FP85XvNaBjoRbEV9HlTN1M9tywoLEuC95deS9GhA3tdPzLVDuGDqyPMEDLbsY0F6AM7l5gMrP1Bq77Rh3OurPIw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a201f25-FRA

GET
H2 200 kratong2.png
loykratong.billbuild-studio.com/img/ 24 KB
25 KB 195ms
193ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/kratong2.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2591df71c645c0d6b2a515cd8432033b0012c3e328df35fef015a925593298

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24954
cf-request-id: 06176f989e00001f25559ce000000001
last-modified: Sun, 13 Nov 2016 06:06:37 GMT
server: cloudflare
etag: "582802ed-617a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=of2BaKrYBScUql8GbWCLcNLj7HylXR9ohoxK9R8DsPCPnI05Zgx7wkvpzMVSmbNeJM06zkAyPsU9YD%2BIkj4Wvfd2qYe9lGzF%2BDshGgs4RpF8oB92%2FMGxBGBFlJ8W5W%2BoKGmG6S3Ij4i6EtDB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a231f25-FRA

GET
H2 200 kratong3.png
loykratong.billbuild-studio.com/img/ 12 KB
12 KB 254ms
252ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/kratong3.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9443807dc6fd1a57dd8b2f8fd55b5ca91138918a7f8f6c73b5252f8e33370507

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 12393
cf-request-id: 06176f98bc00001f25e5259000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-3069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x3zVGQ1AEgkee6dD7VsbILc4ClSPyEnGAX1T9oe4zzdCPeH8mqkK%2BpJ2XaIq5PJFB5VJNb9nJgD67oNRwO0P4SmOFQ4F9K9JnQV74Gc4O%2FQBNx9Y8EHqxGbhkrnWtwltXyjmJnQ3aY73rlDg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a241f25-FRA

GET
H2 200 kratong4.png
loykratong.billbuild-studio.com/img/ 11 KB
11 KB 206ms
204ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/kratong4.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9b168111dfb6be642f2df4578e0e40c9a6c0067e5abda7dc625b30c8c3626d

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 11063
cf-request-id: 06176f98a400001f25ee8fc000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-2b37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DGyantVqFki%2BUF0tuFWh6811ijWzOnSilyHZBDfeiDGn3rzbi6G8gBgZfZJKULls4hWNtWoG04dP2WKH%2FeosPaoNQ4Yl77qSpEYZCsYw%2F6r%2BtTUBLX8N%2BwtxTwwJujuunPfx7514LLQsbnyx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a391f25-FRA

GET
H2 200 nott.png
loykratong.billbuild-studio.com/img/ 21 KB
21 KB 247ms
245ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/nott.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17cb1d1d632c217ab5b1ca1a1892b4aa47b6a29ae914c31e6339981f04bd7e45

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 21367
cf-request-id: 06176f98a500001f259410e000000001
last-modified: Fri, 11 Nov 2016 12:39:55 GMT
server: cloudflare
etag: "5825bc1b-5377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=frWEAPJHT%2B2jbTp5sAvPYIz%2FJOzDQiLmA8Kx3KE10r6nBA4x9l57ToLly70r6Z1gbctM5v8W6Cq6NEiDaiRIIdbUlmspeg2DrIMJS2isiCbagn2m3YgMCZRzaxKFhGziErRjy5tUBYvX5jQI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a3b1f25-FRA

GET
H2 200 pikachu.png
loykratong.billbuild-studio.com/img/ 9 KB
9 KB 263ms
261ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/pikachu.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a990e44a65177e383666900ba49e0d868476d0ad73d8d68973236789133e977

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 8746
cf-request-id: 06176f98a800001f25e38bb000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-222a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WRI4umrr3cGjVOkh%2BA6S57kZTDORuTH6uqrb9Qe9hSbV%2F2AY14zZwg8ArYFsliz7nd6Vnl7FLS4gsk%2FQqrRXpGOvcUnPDfYZdcXBXmJpjm30wTb8TvWZuvQVYyvPFz6ugOCI51hnWJXKCoJX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a3e1f25-FRA

GET
H2 200 hamtaro.png
loykratong.billbuild-studio.com/img/ 25 KB
26 KB 230ms
228ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/hamtaro.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e3499f6dee1f1f360b53c74b9cde6368a75f70d36d5a5ed05a1542f3a560b8

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 25943
cf-request-id: 06176f98ad00001f257a12e000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-6557"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rXgrPl0%2BkGAeUW9nQVBzKJzp1uNCeJTzHeSogZEV%2FwHLnpFP5FQgHAIIM%2F5EgUmTS9X%2FdjMcKd9B1iuS%2B7dH2BT8%2FZqEOe3iU1IRyuiFs6qortNs1Vmq25kKAIHS1YtH88A8s%2FLxWT1XRi1G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a3f1f25-FRA

GET
H2 200 meowmallow.png
loykratong.billbuild-studio.com/img/ 25 KB
26 KB 231ms
229ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/meowmallow.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78fd18a5dd4f29589996aaa304b601b235319593d4d49ed572815b0ead86740f

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 26078
cf-request-id: 06176f98b400001f254426b000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-65de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OcPln2VR5f8mk0dxqH4mhzFDsibZSEv2XJaOwbGAXZhunPfm87PK%2BYrLDiO5lO7CmUFIL8GSebe3f6qt%2F2kuRx3E1%2BFND6fGNujB3JHQwnujltUPfCmVa1xNU%2B1IMhHMvM91UbMlA8O9hXi%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a5b1f25-FRA

GET
H2 200 tischan.png
loykratong.billbuild-studio.com/img/ 6 KB
6 KB 232ms
231ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/tischan.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57015fdd308f9a522b6932acad66d5782726bed21e2b9b091b7ad18fe6e2dfd8

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 5637
cf-request-id: 06176f98ae00001f25f586c000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-1605"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zK2x3oWkvXUNuW0jCn8tTKYX2%2FFlw1605VD0XQRA8KSR5iQ7z%2Bi1yhusqOAcRyLbw85QfjFtjNaYM4jrp1clpc0jggR9wkPs9c7GtduynrUG5Se1Q5Oid78fbPKIW%2BjiPqap7tZpjCjykUzK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a5d1f25-FRA

GET
H2 200 ejeab.png
loykratong.billbuild-studio.com/img/ 24 KB
24 KB 233ms
231ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/ejeab.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db318682c552475360a3b72faa49afdf60bd77169b4e741ca1cded3676ee00bc

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24517
cf-request-id: 06176f98b500001f25ee900000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-5fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4YiUB2X0ymwLSz%2BQ9ZFHiJHYrX2Jcy5MpYKbhVkiAWaBVvnENP%2BjgrO%2FCR8oJ1la3yc95jYdxzGRKOAla52xMZFHc%2BHuHAbJyAIGRXXYa8YbrA9FDnp1P9r0XD%2FoFWMp7uFzEbOL1ekehbOt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a5f1f25-FRA

GET
H2 200 pomnee.png
loykratong.billbuild-studio.com/img/ 11 KB
11 KB 213ms
211ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/pomnee.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b379c7412c34d5b8bad3c633a30cee18e92c72a3a66a72b1abbb6dcb273156

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 11346
cf-request-id: 06176f98b300001f25d5304000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-2c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o85WC1bk7NJ%2FVTw%2FB0%2Fs5sPs3yokX1RayRRwT2g%2BhHARxFiqPfmcWo5rqn3OnpLMU3%2F5dOmPIqlRCguLXigfMgC4e%2B8VnBfQA0StdjZ6UBsNKvU8N0KYDYFHWVnCl8PQz5lOj1oSg%2BSo9dOL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a631f25-FRA

GET
H2 200 kiiroseal.png
loykratong.billbuild-studio.com/img/ 6 KB
6 KB 238ms
236ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/kiiroseal.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa9eac8325a47e88671e92eff13ed9cd07a964bb954455db3f6bd5dd51e0b2a9

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 6313
cf-request-id: 06176f98af00001f25a9a0a000000001
last-modified: Fri, 11 Nov 2016 12:39:55 GMT
server: cloudflare
etag: "5825bc1b-18a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z65Bg0ogaG8Ddmwe08nvXyaF%2Fr7%2BwXQxZd26eoc4CA1q90oAYAGjdZ2Mow8g5uUy8ppQudyvrKTVI%2BK40NK%2BRd06bXnJthOGWpLCStCDdj6aT4Rh%2BwrPcwXUEbvEs5hkgUizTR9n9Dbuqtnv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed42a651f25-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=45ddb0cd7c42ade7b14d3daa81ab90f9&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dba9a4fdd9eace733065ffdb43cdace6cb033a5659fe6bcd574df4c2e1ed8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://loykratong.billbuild-studio.com
Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: vTl+DPUwHx3BD6CJMfnt9A==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 60114
etag: "6d6fc18927f0ab1414fd734d20536737"
x-fb-debug: fV0I7G5JzDsXkUt5hpzoOzaFTwwqKsBl+gGdQDOt4EGTbuORvaP1DOLqS8lOWT93gO5lkZLQdE4l4f8E8jwtIw==
x-fb-trip-id: 664085054
x-fb-content-md5: c344cd5960d0d6a82eb2697d7d366a0e
x-frame-options: DENY
date: Thu, 29 Oct 2020 19:29:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 29 Oct 2021 17:19:05 GMT

GET
H2 206 loykratong.ogg
loykratong.billbuild-studio.com/sound/ 68 KB
0 228ms
227ms Media
audio/ogg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/sound/loykratong.ogg
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://loykratong.billbuild-studio.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2016 10:34:42 GMT
server: cloudflare
status: 206
etag: "58259ec2-f6d48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CgPqvr3C2DgDjVP9FBSgE0inPjWbZ2CYideWgeX91HYX%2Fm%2Fwsosr%2Fw9wzjI7MWek9kgLVvBEIVSF7jiLswID979qvWCadrAEIS49KnPhkncCOvXdnNS%2FHBPq8iAGUqb6OuexnI9olIxjXs4G"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 0-1011015/1011016
cf-ray: 5e9f4ed44a6c1f25-FRA
Content-Length: 1011016
cf-request-id: 06176f98be00001f25f39c7000000001

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
410 B 57ms
55ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=loykratong.billbuild-studio.com&callback=_gfp_s_&client=ca-pub-2564185992965455

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

d0e772648ef8660860ff16228338e1e474fd9cc62649a4fafd3d3d8002dfa41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loykratong.billbuild-studio.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
320 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loykratong.billbuild-studio.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0AF2 0
0 248ms
247ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2564185992965455&output=html&h=60&slotname=9033888011&adk=1646585214&adf=2900977362&pi=t.ma~as.9033888011&w=234&lmt=1484846886&psa=0&guci=1.2.0.0.2.2.0.0&format=234x60&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793175&bpp=24&bdt=232&idt=149&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4073114284621&frm=20&pv=2&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=10740039743&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wJlzW6HVyR&p=https%3A//loykratong.billbuild-studio.com&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2564185992965455&output=html&h=60&slotname=9033888011&adk=1646585214&adf=2900977362&pi=t.ma~as.9033888011&w=234&lmt=1484846886&psa=0&guci=1.2.0.0.2.2.0.0&format=234x60&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793175&bpp=24&bdt=232&idt=149&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4073114284621&frm=20&pv=2&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=10740039743&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=146&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wJlzW6HVyR&p=https%3A//loykratong.billbuild-studio.com&dtd=168
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loykratong.billbuild-studio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loykratong.billbuild-studio.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 29 Oct 2020 19:29:53 GMT
server: cafe
content-length: 22168
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Oct-2020 19:44:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Oct 2020 19:29:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 63ms
43ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603885550448160"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27554
x-xss-protection: 0
expires: Thu, 29 Oct 2020 19:29:53 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 468C 0
0 16ms
15ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2564185992965455&output=html&adk=1812271804&adf=3025194257&lmt=1484846886&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793251&bpp=1&bdt=308&idt=112&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=234x60&nras=1&correlator=4073114284621&frm=20&pv=1&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=45099778111&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2564185992965455&output=html&adk=1812271804&adf=3025194257&lmt=1484846886&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Floykratong.billbuild-studio.com%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1603999793251&bpp=1&bdt=308&idt=112&shv=r20201026&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=234x60&nras=1&correlator=4073114284621&frm=20&pv=1&ga_vid=47472027.1603999793&ga_sid=1603999793&ga_hid=1942176537&ga_fc=0&iag=0&icsg=45099778111&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=2208986249454509&pem=202&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=9216&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loykratong.billbuild-studio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loykratong.billbuild-studio.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Oct 2020 19:29:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Oct-2020 19:44:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Oct 2020 19:29:53 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
77 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1942176537&t=pageview&_s=1&dl=https%3A%2F%2Floykratong.billbuild-studio.com%2F&ul=en-us&de=UTF-8&dt=%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%87%20%7C%20BillBuild%20Studio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1169057442&gjid=1018010755&cid=47472027.1603999793&tid=UA-66624261-3&_gid=922189501.1603999793&_r=1&_slc=1&z=442840677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 19:29:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://loykratong.billbuild-studio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wave.png
loykratong.billbuild-studio.com/img/ 1 KB
2 KB 213ms
213ms Image
image/png 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loykratong.billbuild-studio.com/img/wave.png
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755b7beef18a7b49360b3dbb5c251a8ff8f4517f2f378e74e4818f04054ec4eb

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1313
cf-request-id: 06176f99f200001f255e151000000001
last-modified: Fri, 11 Nov 2016 10:34:41 GMT
server: cloudflare
etag: "58259ec1-521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rsta0waEQmDaY2hk95zcgAd5344bWy8%2B%2F5psRs82pFnVsNS8Tls72jOvtBUbQ7jPRLM17xCWe%2BW2abYISzzdyvVlRxKfjvvwAcguZsInyeg2nKud4EW17Ia6Y3DrRA3AOyIEFVof5yiaQtwJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e9f4ed64fde1f25-FRA

GET
H2 206 loykratong.ogg
loykratong.billbuild-studio.com/sound/ 91 KB
92 KB 181ms
180ms Media
audio/ogg 2606:4700:3031::681b:8280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loykratong.billbuild-studio.com/sound/loykratong.ogg
Requested by: Host: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:8280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd2c4441e5594d1d181edab7d1bdce656416f87b25f66aa6184b58b5b992f78

Request headers

Referer: https://loykratong.billbuild-studio.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=917504-

Response headers

date: Thu, 29 Oct 2020 19:29:53 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 11 Nov 2016 10:34:42 GMT
server: cloudflare
status: 206
etag: "58259ec2-f6d48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7HhUygeILrbJzeFrMrFpHjqUr%2B8I5gwo9pxfNMhYeaGIfsDJuS7tItP3iN1W2yyqaqka1e0rIrUWLxiT9B7pHDs31qpTI6Z%2FXqZ5Areklep7apt4g%2FD6rA9fh%2BBkH0sOLH4PKWXuVtMkHKAA"}],"group":"cf-nel","max_age":604800}
content-type: audio/ogg
Content-Range: bytes 917504-1011015/1011016
cf-ray: 5e9f4ed709a71f25-FRA
Content-Length: 93512
cf-request-id: 06176f9a6800001f25f41c9000000001

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a72691cb1855374178a99a17b3e197e702d4ecd50452efe5fcac72360fefb4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Oct 2020 19:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6517
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v2.5/plugins/ Frame 1C93 0
0 97ms
96ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=334786236711202&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f1bb75ec05cc%26domain%3Dloykratong.billbuild-studio.com%26origin%3Dhttps%253A%252F%252Floykratong.billbuild-studio.com%252Ff79e58d9dc4f3c%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Floykratong.billbuild-studio.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=45ddb0cd7c42ade7b14d3daa81ab90f9&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/like.php?action=like&app_id=334786236711202&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16f1bb75ec05cc%26domain%3Dloykratong.billbuild-studio.com%26origin%3Dhttps%253A%252F%252Floykratong.billbuild-studio.com%252Ff79e58d9dc4f3c%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Floykratong.billbuild-studio.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loykratong.billbuild-studio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loykratong.billbuild-studio.com/

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v3.2
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: WZQoubJtAJqrMt7vBHSGbMuOOak7sBTa94bNzz7uB3Nvc4Br/IIsFCGCWqGDipEFElnLTi/7we9huTTYGg8ktg==
date: Thu, 29 Oct 2020 19:29:54 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET loykratong.ogg
loykratong.billbuild-studio.com/sound/ 0
0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 70ms
55ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201026/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 19:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 29 Oct 2020 19:29:54 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6D89 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://loykratong.billbuild-studio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://loykratong.billbuild-studio.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Tue, 27 Oct 2020 19:49:39 GMT
expires: Wed, 27 Oct 2021 19:49:39 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 171615
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
241 B 36ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201026&jk=2208986249454509&bg=!WVqlWnrNAAVp0lmVaVg1fAflpoB3OAIAAAByUgAAAA4KASLBAdHbQG0lx5I8bEmB-2n4FCXy4djwx0KinEswunv0F47KNWuAzMNtJ7T8m89bczXBB5Ai0KzPKPrCeMOofgTO0mszvck67rv-ff7f7vtiwhGHz5oRqxYC28KBO4L4vaGUgB_clWc0k27DgIn1lhwOjkrhp_Q0DsYTWbW3FP0VuyTLVMGVkgBAFm0SgfjQMUpEIU4VDsVZ5OWJcikQXxa9DLMT_aWEIfy4jX5ZeQclbo88do1Zpv4brjJAUuo3oaTtFV29tdvAps9Av13WQcuFVTp6-CRuMpkBsIQrumR_v_mRbU7Bk5tpG7GNal2ySxO59ugetgYjuHy0BY3WJYCXpPop0FLNgqF1NAImKIZodaZJPW9S1ESedxVuTMuppJeuJJkBuCwLwcULNdAi3fu7ghZ-6j2NYtwT3fxXs2a_CQVKwbcSBmF1VV6Y3YWe8lrvLbmdi2ycY692p8VfjiEvXCJvXESp7WLvgUDpCRfMg8Jaemlsw2DwuARBAIjfCIYnQ6hJqhL1iltuHHdM8xhBPOVx1Z0jUpBUl7EnUMtc4T03E4bIYvEsO9Bi55lZlStEtJgvlNtqbnV7RMe8efLmn3_NcWFOG5a7ds9FltF_vTACyUDI-saq4KW0PZ-CgKyht1fJzE5Wwv76BRqCMn199j8AH_0-uCH81oZYBCki3kwKHzZulo1zSMqqOV3BBrxPkP5IOhoLuhgl8Tw_euzeK4ckOqZJNcapd2I98iI4_urF5cNw5e80z-u2oEsgMqLLMk7gf3ROGkaIyvbQa35UkmD1UltKvEJr4yjOSfwlvMKQ4EV7AnAc-GRkxWS9Od4hZUn_c5w0Z5EkF8bvNM4W-zxXvRW1xeTJFUGKov_b4fxEIid9g-kg6Jr5Gs6yM-tg3vL3lciXmImVvQQv5VU51lwsf2ekjCKlLcUBIiiRuFvxZpTqeEtQGXr_UkfQjZq2_l2PlCMCdqOkjjhV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loykratong.billbuild-studio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Oct 2020 19:29:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: loykratong.billbuild-studio.com
URL: https://loykratong.billbuild-studio.com/sound/loykratong.ogg

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:54:55	Name: IDE Value: AHWqTUmDqkViUAbCesBCQLdrZKDThW5GMZaW5h1RqxgSjI87V1Ynv22Pnxi_PikG
.billbuild-studio.com/	1970-01-19 13:33:19	Name: _gat Value: 1
.billbuild-studio.com/	1970-01-19 13:34:46	Name: _gid Value: GA1.2.922189501.1603999793
.billbuild-studio.com/	1970-01-19 22:54:55	Name: __gads Value: ID=aec07b221448e50d-225ababe15b9003b:T=1603999793:RT=1603999793:S=ALNI_Ma7mJ43JPtxusaJ2EPZRbOW2lwc2Q
.billbuild-studio.com/	1970-01-20 07:04:31	Name: _ga Value: GA1.2.47472027.1603999793
.billbuild-studio.com/	1970-01-19 14:16:31	Name: __cfduid Value: dbd6f9e7c524bc4509ac4005fe8d9d4121603999792

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdnjs.cloudflare.com
code.createjs.com
code.jquery.com
connect.facebook.net
gitcdn.github.io
googleads.g.doubleclick.net
loykratong.billbuild-studio.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
loykratong.billbuild-studio.com
172.217.21.226
185.199.111.153
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:2b
2606:4700:3031::681b:8280
2606:4700::6810:135e
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::2002
2a02:26f0:10c:4a3::1349
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
02f414f73d6bcbb30023c23cbd04bd6606dd0f3d9d750d9c75a3d82cea7601f6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
072c01f8da3f785130abf4693424eecd4875ad670bd05729faf3785e92e92f91
0a990e44a65177e383666900ba49e0d868476d0ad73d8d68973236789133e977
10dd8a26af7302821cf4185ef7d5f5b59a049b1e7a4d92420adc6945f37cab26
17cb1d1d632c217ab5b1ca1a1892b4aa47b6a29ae914c31e6339981f04bd7e45
1e9b168111dfb6be642f2df4578e0e40c9a6c0067e5abda7dc625b30c8c3626d
2327eafab7fc6346d8c208e52330b4e911375aa10f5e2320843cd5523843cd65
24b379c7412c34d5b8bad3c633a30cee18e92c72a3a66a72b1abbb6dcb273156
251cc1b3df71c6baa3525635aa5e1751be31269baa8242b9d8354a2b2eca212b
2a72691cb1855374178a99a17b3e197e702d4ecd50452efe5fcac72360fefb4f
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
34d9891a81b9b276febf3b6f763ededd97fc364bd399e9446f71159be6cb1d0c
3a8bd6ec652f33b26a2353c63c21f575bf7052998a0ad9d1830ba2783d288ef8
3d2591df71c645c0d6b2a515cd8432033b0012c3e328df35fef015a925593298
47681310bac0643761cae8074cc0e265f7b98a0fa0f2dc2ac0c7267cf7b6b9a1
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4e374b102917f3f41cb2caff1cc31375e6f0d4e0d7ddfd4ab84bce1ce14b619e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
57015fdd308f9a522b6932acad66d5782726bed21e2b9b091b7ad18fe6e2dfd8
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60e6a0e62b8db2f104ec22e6398b1d0a7e91666e97535ebc0d341665331e8917
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6dba9a4fdd9eace733065ffdb43cdace6cb033a5659fe6bcd574df4c2e1ed8cd
755b7beef18a7b49360b3dbb5c251a8ff8f4517f2f378e74e4818f04054ec4eb
78fd18a5dd4f29589996aaa304b601b235319593d4d49ed572815b0ead86740f
799360060bad2c8e3bacace97d48e2fdd0fdb7a2d1b36808dd8a9729da033a6a
7f1650b4c9b0faf47c6277bfa8ca644a76a4324698552124b26f42fa45bd415c
8b396d50f8df31cc6f082c85e0f924bbe5f419055464bbc1755b065884d82df0
9443807dc6fd1a57dd8b2f8fd55b5ca91138918a7f8f6c73b5252f8e33370507
9d31b403d50de1e8963d1cec655091f98986a25cfb62f2a2dee9e884b216cf2e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1ab0c6e495275973b67b8294b5ecfd18e3dc2d493de1491f341522ce48e6efe
ac3597e97ae646db56c9505e3e19aba479e767510f98ce96411425ea1d21ec9f
acbfd66b174b006cd348e6ea063f81011ecd731e9134fecb6278ea70ed163a99
bdd2c4441e5594d1d181edab7d1bdce656416f87b25f66aa6184b58b5b992f78
c26a09b6c2bc5bb752a162f8cc8a2aa254b7500bc66060c3a2aabcac9657a650
c2f41de51bb8efeaf69b2ff69eca79ef0f3b4427c6ffc948ccffe34c9857b20e
ca0392c939fb9e02e62b846a294fe2d978bd17bf2b96241ce88a2e3d1d1a7def
ce002324c9a3956909860804317974535d1696202fd4ff662434a72fad05904c
d0e772648ef8660860ff16228338e1e474fd9cc62649a4fafd3d3d8002dfa41a
db318682c552475360a3b72faa49afdf60bd77169b4e741ca1cded3676ee00bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c1059a70091b12ccb30238ae20ffe17d8ebf768dbb669c01974f9eb0309175
f3af78da1d928290657e104eb70027dd60dc212fdbfd4c3a90e2310a4f1819c6
f3e3499f6dee1f1f360b53c74b9cde6368a75f70d36d5a5ed05a1542f3a560b8
fa9eac8325a47e88671e92eff13ed9cd07a964bb954455db3f6bd5dd51e0b2a9
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

loykratong.billbuild-studio.com Open in urlscan Pro 2606:4700:3031::681b:8280 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

88 %IPv6

16 Domains

17 Subdomains

17 IPs

5 Countries

1097 kBTransfer

2358 kBSize

6 Cookies

2 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

loykratong.billbuild-studio.com Open in urlscan Pro
2606:4700:3031::681b:8280 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

88 %
IPv6

16
Domains

17
Subdomains

17
IPs

5
Countries

1097 kB
Transfer

2358 kB
Size

6
Cookies

58 HTTP transactions
0 data transactions