urlscan.io logo urlscan.io
SecurityTrails logo

health.kapook.com Open in urlscan Pro
27.254.43.248  Public Scan

Go To Rescan Add Verdict Report
URL: https://health.kapook.com/view63418.html
Submission: On December 27 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 13 countries across 62 domains to perform 400 HTTP transactions. The main IP is 27.254.43.248, located in Thailand and belongs to CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH. The main domain is health.kapook.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 16th 2020. Valid for: 2 years.
This is the only time health.kapook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27.254.43.248 9891 (CSLOX-IDC...)
71 27.254.43.242 9891 (CSLOX-IDC...)
4 2a00:1450:400... 15169 (GOOGLE)
2 202.183.165.226 4750 (CSLOXINFO...)
13 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.35.253.128 16509 (AMAZON-02)
1 2 2a03:2880:f21... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2.18.233.180 16625 (AKAMAI-AS)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 178.79.242.16 22822 (LLNW)
4 2a00:1450:400... 15169 (GOOGLE)
2 203.154.91.10 4618 (INET-TH-A...)
4 2600:9000:214... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
17 13.35.253.61 16509 (AMAZON-02)
24 142.250.185.66 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
3 104.111.224.62 16625 (AKAMAI-AS)
1 27.254.43.243 9891 (CSLOX-IDC...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.59 41690 (DAILYMOTI...)
1 188.65.124.90 41690 (DAILYMOTI...)
3 119.81.192.134 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 85.202.161.2 7489 (HOSTUS-GL...)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 101.32.249.128 132203 (TENCENT-N...)
3 4 37.157.4.29 198622 (ADFORM)
2 2 213.155.156.165 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
8 185.64.190.80 62713 (AS-PUBMATIC)
3 3 151.101.2.49 54113 (FASTLY)
3 3 54.77.6.213 16509 (AMAZON-02)
15 17 142.250.74.194 15169 (GOOGLE)
1 185.86.138.142 201081 (SMARTADSE...)
3 3 185.29.134.248 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 51.210.112.236 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.50.137.182 36351 (SOFTLAYER)
2 4 15.197.193.217 16509 (AMAZON-02)
3 4 185.33.220.241 29990 (ASN-APPNEX)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 18.185.209.98 16509 (AMAZON-02)
1 1 51.75.146.161 16276 (OVH)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 87.240.137.158 47541 (VKONTAKTE...)
1 217.20.155.208 47764 (MAILRU-AS...)
4 2.19.35.65 16625 (AKAMAI-AS)
4 27.254.43.241 9891 (CSLOX-IDC...)
1 185.64.189.111 62713 (AS-PUBMATIC)
4 2602:803:c004... 26667 (RUBICONPR...)
1 195.161.16.148 8342 (RTCOMM-AS)
8 23.106.249.95 59253 (LEASEWEB-...)
20 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 104.109.78.125 16625 (AKAMAI-AS)
4 2602:803:c004... 26667 (RUBICONPR...)
1 83.222.114.188 42632 (MNOGOBYTE...)
2 31.220.27.134 39572 (ADVANCEDH...)
1 81.222.128.215 20597 (ELTEL-AS)
1 46.161.36.23 49505 (SELECTEL)
9 2a00:1450:400... 15169 (GOOGLE)
4 69.173.144.139 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 51.89.21.5 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
1 63.35.242.195 16509 (AMAZON-02)
1 104.111.218.85 16625 (AKAMAI-AS)
1 37.157.4.28 198622 (ADFORM)
4 142.250.186.162 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 4 2.18.234.21 16625 (AKAMAI-AS)
1 198.47.127.20 3257 (GTT-BACKB...)
1 185.64.190.82 62713 (AS-PUBMATIC)
400 85
1    27.254.43.248 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
health.kapook.com
71    27.254.43.242 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
my.kapook.com
www.kapook.com
api-center.kapook.com
i.kapook.com
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    202.183.165.226 (Bangkok, Thailand)

ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH)
PTR: p352-nasbkkST3.C.csloxinfo.net
cdn.thelead.tech
connect.thelead.tech
13    2606:4700:10::6816:4f7b (United States)

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
cdn.th.giraff.io
1    13.35.253.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-128.fra6.r.cloudfront.net
pubmatic.mainroll.com
2    2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
9    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
aktrack.pubmatic.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
api.dmcdn.net
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    203.154.91.10 (Ban Bang Yang, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-91-10.inter.net.th
lvs.truehits.in.th
4    2600:9000:214f:e400:1d:47ad:2280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.bluebillywig.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
21    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    13.35.253.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-61.fra6.r.cloudfront.net
stats.mainroll.com
24    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
ssl-avd.innity.net
avd.innity.net
1    27.254.43.243 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
cacheportal.kapook.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
34    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    188.65.124.59 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed2.dm.gg
pebed.dm-event.net
1    188.65.124.90 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
api.pxl.dailymotion.com
3    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    85.202.161.2 (Rovigo, Italy)

ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK)
PTR: 85.202.161.2.adnuntius.com
delivery.adnuntius.com
7    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com
cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com
2    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    101.32.249.128 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
data.th.giraff.io
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    54.77.6.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-6-213.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
17    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    18.185.209.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.75.146.161 (France)

ASN16276 (OVH, FR)
PTR: de04.roqad.pl
ws.rqtrk.eu
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    87.240.137.158 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv158-137-240-87.vk.com
vk.com
1    217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
4    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
4    27.254.43.241 (Thailand)

ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH)
cms.kapook.com
1    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
4    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
1    195.161.16.148 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
a.giraff.io
8    23.106.249.95 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
a.th.giraff.io
20    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2602:803:c004:200::152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
1    83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
1    46.161.36.23 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.sselp1.imcmdb.net
stat.media
9    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
1    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
Apex Domain
Subdomains		 Transfer
77 kapook.com
health.kapook.com
my.kapook.com
www.kapook.com
cacheportal.kapook.com
api-center.kapook.com
cms.kapook.com
i.kapook.com
778 KB
60 googlesyndication.com
pagead2.googlesyndication.com
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
tpc.googlesyndication.com
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com
cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com
333 KB
52 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
705 KB
30 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
vpaid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
simage4.pubmatic.com
t.pubmatic.com
203 KB
27 rubiconproject.com
ads.rubiconproject.com
smarttag.rubiconproject.com
eus.rubiconproject.com
beacon-fra2.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
95 KB
24 giraff.io
code.th.giraff.io
data.th.giraff.io
a.giraff.io
a.th.giraff.io
cdn.th.giraff.io
246 KB
21 2mdn.net
s0.2mdn.net
653 KB
18 mainroll.com
pubmatic.mainroll.com
stats.mainroll.com
31 KB
12 google.com
adservice.google.com
www.google.com
3 KB
10 googletagservices.com
www.googletagservices.com
355 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
89 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
216 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
3 KB
5 adform.net
c1.adform.net
cm.adform.net
2 KB
5 google.de
www.google.de
adservice.google.de
2 KB
5 facebook.com
www.facebook.com
graph.facebook.com
1 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 adnxs.com
ib.adnxs.com
4 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 bluebillywig.com
cdn.bluebillywig.com
365 KB
4 google-analytics.com
www.google-analytics.com
54 KB
4 facebook.net
connect.facebook.net
197 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 everesttech.net
sync-tm.everesttech.net
880 B
3 innity.com
avd.innity.com
2 KB
3 innity.net
ssl-avd.innity.net
avd.innity.net
13 KB
2 createjs.com
code.createjs.com
125 KB
2 rlcdn.com
id.rlcdn.com
api.rlcdn.com
329 B
2 uuidksinc.net
s.uuidksinc.net
482 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
890 B
2 de17a.com
d5p.de17a.com
637 B
2 truehits.in.th
lvs.truehits.in.th
10 KB
2 dmcdn.net
api.dmcdn.net
20 KB
2 jsdelivr.net
cdn.jsdelivr.net
9 KB
2 instagram.com
www.instagram.com
5 KB
2 thelead.tech
cdn.thelead.tech
connect.thelead.tech
11 KB
1 yieldlab.net
ad.yieldlab.net
522 B
1 crwdcntrl.net
id.crwdcntrl.net
339 B
1 id5-sync.com
id5-sync.com
535 B
1 stat.media
stat.media
265 B
1 adriver.ru
ssp.adriver.ru
201 B
1 com.ru
rtb.com.ru
240 B
1 ok.ru
connect.ok.ru
2 KB
1 vk.com
vk.com
479 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 quantserve.com
pixel.quantserve.com
544 B
1 simpli.fi
um.simpli.fi
616 B
1 onaudience.com
pixel.onaudience.com
400 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 adnuntius.com
delivery.adnuntius.com
2 KB
1 dailymotion.com
api.pxl.dailymotion.com
1 KB
1 dm-event.net
pebed.dm-event.net
363 B
0 cookiepix.com Failed
pix.cookiepix.com Failed
0 thaibuffer.com Failed
img.thaibuffer.com Failed
400 62
Domain Requested by
52 my.kapook.com health.kapook.com
my.kapook.com
34 pagead2.googlesyndication.com srcdoc
smarttag.rubiconproject.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
s0.2mdn.net
health.kapook.com
www.googletagservices.com
24 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
health.kapook.com
smarttag.rubiconproject.com
21 s0.2mdn.net cdn.bluebillywig.com
s0.2mdn.net
health.kapook.com
20 tpc.googlesyndication.com af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
health.kapook.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
s0.2mdn.net
17 cm.g.doubleclick.net 15 redirects health.kapook.com
googleads.g.doubleclick.net
17 stats.mainroll.com health.kapook.com
14 i.kapook.com securepubads.g.doubleclick.net
health.kapook.com
10 cdn.th.giraff.io health.kapook.com
10 www.googletagservices.com health.kapook.com
securepubads.g.doubleclick.net
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
s0.2mdn.net
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
8 eus.rubiconproject.com smarttag.rubiconproject.com
eus.rubiconproject.com
health.kapook.com
8 a.th.giraff.io code.th.giraff.io
8 simage2.pubmatic.com ads.pubmatic.com
7 www.google.com 1 redirects health.kapook.com
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
tpc.googlesyndication.com
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
6 googleads.g.doubleclick.net smarttag.rubiconproject.com
health.kapook.com
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
6 image2.pubmatic.com ads.pubmatic.com
5 adservice.google.com s0.2mdn.net
securepubads.g.doubleclick.net
5 ads.pubmatic.com health.kapook.com
ads.pubmatic.com
vpaid.pubmatic.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net health.kapook.com
4 pixel.rubiconproject.com health.kapook.com
4 beacon-fra2.rubiconproject.com health.kapook.com
smarttag.rubiconproject.com
4 smarttag.rubiconproject.com ads.rubiconproject.com
4 cms.kapook.com health.kapook.com
4 ads.rubiconproject.com securepubads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 match.adsrvr.org 2 redirects health.kapook.com
ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 adservice.google.de securepubads.g.doubleclick.net
4 cdn.bluebillywig.com pubmatic.mainroll.com
cdn.bluebillywig.com
client
4 www.google-analytics.com health.kapook.com
www.google-analytics.com
4 connect.facebook.net health.kapook.com
connect.facebook.net
4 fonts.googleapis.com health.kapook.com
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
s0.2mdn.net
3 token.rubiconproject.com 3 redirects
3 www.gstatic.com af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 sync.mathtag.com 3 redirects
3 match.prod.bidr.io 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 avd.innity.com avd.innity.net
health.kapook.com
3 www.facebook.com health.kapook.com
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.kapook.com health.kapook.com
3 code.th.giraff.io health.kapook.com
2 code.createjs.com securepubads.g.doubleclick.net
2 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 s.uuidksinc.net health.kapook.com
2 aktrack.pubmatic.com health.kapook.com
2 api-center.kapook.com my.kapook.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 data.th.giraff.io code.th.giraff.io
2 csi.gstatic.com imasdk.googleapis.com
2 graph.facebook.com my.kapook.com
code.th.giraff.io
2 af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 vpaid.pubmatic.com imasdk.googleapis.com
2 avd.innity.net ssl-avd.innity.net
health.kapook.com
2 imasdk.googleapis.com s0.2mdn.net
2 mug.criteo.com health.kapook.com
2 gum.criteo.com 1 redirects
2 lvs.truehits.in.th health.kapook.com
2 api.dmcdn.net health.kapook.com
api.dmcdn.net
2 cdn.jsdelivr.net health.kapook.com
2 www.instagram.com 1 redirects health.kapook.com
1 t.pubmatic.com ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 ads.yahoo.com health.kapook.com
1 id.rlcdn.com health.kapook.com
1 stat.media health.kapook.com
1 ssp.adriver.ru health.kapook.com
1 rtb.com.ru health.kapook.com
1 a.giraff.io code.th.giraff.io
1 vid.pubmatic.com vpaid.pubmatic.com
1 connect.ok.ru code.th.giraff.io
1 vk.com code.th.giraff.io
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 connect.thelead.tech cdn.thelead.tech
1 www.google.de health.kapook.com
1 delivery.adnuntius.com ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.pxl.dailymotion.com api.dmcdn.net
1 pebed.dm-event.net api.dmcdn.net
1 cacheportal.kapook.com my.kapook.com
1 ssl-avd.innity.net my.kapook.com
1 pubmatic.mainroll.com health.kapook.com
1 cdn.thelead.tech health.kapook.com
1 health.kapook.com
0 pix.cookiepix.com Failed health.kapook.com
0 img.thaibuffer.com Failed health.kapook.com
400 112
Subject Issuer Validity Valid
*.kapook.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-16 -
2022-10-18		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
cdn.thelead.tech
R3		 2021-11-25 -
2022-02-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-25 -
2022-10-24		 a year crt.sh
*.mainroll.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
lvs.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-09-15 -
2022-10-14		 a year crt.sh
*.bluebillywig.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2021-12-15 -
2022-03-15		 3 months crt.sh
api.pxl.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2021-10-30 -
2022-01-28		 3 months crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2022-11-11		 a year crt.sh
ads.adnuntius.delivery
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
connect.thelead.tech
R3		 2021-11-25 -
2022-02-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
th.giraff.io
R3		 2021-11-22 -
2022-02-20		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.ok.ru
GeoTrust RSA CA 2018		 2021-02-18 -
2022-03-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
giraff.io
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
rtb.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-03-01 -
2022-03-07		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
stat.media
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh

This page contains 47 frames:

Primary Page: https://health.kapook.com/view63418.html
Frame ID: 80CDF43ACA78116E1F3AA1FCC3D7493C
Requests: 170 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16d1b84c261ffc%26domain%3Dhealth.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhealth.kapook.com%252Ff35ff8c0d13f168%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Frame ID: B01B75C7D9A41C9440B8220584FF845B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Frame ID: 7940ABDA69B777D232ECB49113BE2468
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2C072866BACC4508888F96B446D54207
Requests: 1 HTTP requests in this frame

Frame: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27CA498D7861D8930A915C3B766564EF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0E89D239DBB0C038CDEC8B076DF059DB
Requests: 21 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E009B58E38AAD0680BE971DD18E07F56
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 10EBAD815651E21061DC3A5DE6250132
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
Frame ID: 99EEDCBB1C611F59A8F0701B482653DB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6806502886808422361
Frame ID: D9C0122EF1BEE298E17047D8D0CFD66D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 077FD5DA694C76F3AC8E04F508D08CF2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7046316005730613399
Frame ID: 6D678129926211FF37FF0AD73B9EA955
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcmLEwABBZ0vgwAF&gdpr=0&gdpr_consent=&_test=YcmLEwABBZ0vgwAF
Frame ID: F6FE5D7710DB35F2B72306CE4F9D36E6
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACahk7DkxYAAD9sv82YbQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 4FD9C874D3EECFDE2006C0F723AA41B8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2130BCFA146A1CA0238BB517551BEC46
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW2Mnc-XDRdORWP5_VsJ3NClQSGVsiyMwZy7uoGuncmUD0MYYL5vFxOJ7qfh1Xc4CDN0SAG3DYZ0QEP2UpBBtmqL14rrVgfEKltiXiUgTJJQJDPpIWiFC6z_eTVEEMQwh186u6HwZvLZ4gb9WoCG4b7Z5qwlQThMThShexEjWUJhuR36QfrrOJdsVNV4qn2uW0O_mSt9p4wvBBc_lkRmTBWu-goJ7MoLnaUO9gmkVjKxqff8qX-cP_VTaRVHbXSmgyqW-YpfirohQNyKPlRk11RAz5S6xOqKDvTw8K0WCkIyh1WwRKMQIvIw34jHxY&sai=AMfl-YQAWv1voDe6zf5v7yhsCRMNNMXWJ6ImF6ndGPqzrWNOk9TU5k8IgZv6aoQ5gW7z5qztNRb_VP3O7ipZmRAROHVcF9blnCZfvzMo201FGlf7HdU-3TwwiCSfa4chBmfy&sig=Cg0ArKJSzK-E_VxtEJzLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8AAB5635ABB77EEEF45E648EB3431CC0
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHYwJbv-oE7ig7vliGKc_MkNpXW9fw_SWPZR6JZpS1E9zYnNrJC4OnR0qoACtHuRSObch6xyGDe_6TqJ5-s-IBQW6cBL8M0qRriOErdlMCYRUaQ0JcoIu08xGyunFQSiPAHbKw41Zxkr1qdETEiZ4sNlKBjOtF1rpZim3JEG43zYoZcO-vnDPqs1nWI0-JjFXMJbns_dIiBLfgG3KvfhuhQ9jsg9vwbZ7zU9eheCA0b_XDBJKHF56Bi9_DVWKMRh1GB63jgjgwO8JUuSThfpCFMP5tdsmA6TXV_DzAdKOJBaFQ-g01A0GUrxNJh12w9sqmtA&sai=AMfl-YTNud9kxirYhuXd5zCX3ZHL-mgWOCDtCQp87QZklO4Ka6GWt72-acVMxLgNcKzVBbjG5EqqYDHJUlao47Q1gN7zwrBnZp6m4oRKICQX7Xn1s60bUVq-01dTaUW2rHWs&sig=Cg0ArKJSzDi_pOUxu6_UEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4BB4E709CA820E92198EEF4AAC2ED1FD
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrqDAYSS_jhL52gYQjw8UtW8BVwnMKjeoyrsjsDVzNOR2V1--VExSGAdGJcU9cVSQy1x0GOp9kdq7Uui7Z1VaKByBqKubMUxEqzPexv7oM4Jj2lmA9nmBWcP5KhsSjCTOCQRvUtao5st_QHjNwQnTWCjA5JSxQ2_YkAfVaJaT1qPceSDMT3cruToSO8lU5Fzv9NptB8IPWuecFdt8VqtNDLHYPQOsytMAefuG4F-HrJiNWemnIZTtb22GHV_PupBx2Enf3tskLZFuUfM0SdaPO0wEOCy7zhsDdX1Jb-ubXzLYOaB_84Tb2quo&sai=AMfl-YTAtYZqvQ8CCnC7cbcTuTNT7qoWsgCxWvuY0WeU88fHjyFqa7uSfUoARnXkFy0jm2Lj_so9f7_ZjYtslhv__wMwLyr8dJ20c3sYFMG6GOViGVyBQChlfANXqTlCnAwP&sig=Cg0ArKJSzA1McVzvW48CEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A09B03A3FF6599D2ED917612414B8F22
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOCNhbpWJlfxJeweYnPDAjqJ681unqkrpeihWgyNTrDk6QY4jwjIalkM4kpXuIr9-zeZRasVt6qiEBc3t9jCFSg6CITW02ctdPne-YEu9DnC-DgIICgot0S34QDGkm8PLugQjRTSiHfDV_jpgn5cu8E6dH3K8oBVq_F7TnTRVt0ec8T37Jb3wPQJi9EMzBj7wZ1JprC2lGbGGwyNwd4GQqGWCOJJqktnShAXvgK5i28QaSYj7mgluDNboK_60PCXJVhCA4d4x41ZRLeB-rVeGbbTzOe7BNTXa3kId-vZKId2z8tm24S_QjeEp6&sai=AMfl-YRMCUZ5_SO0nAFf3CZnXyf57Y5YeIh9lIjtJebs0xLXxQ_tN23a80Ztji0E8pNEFfOnSPuu3hHQw4ey0Z2zjz_2cxWyXt-0dpKvysX3XDy5Lc2Wj-gSoAab-RXXzILF&sig=Cg0ArKJSzMM4ZKKz-FtwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FB1A3DCA57F0FCD4B1A3EAE43C933D59
Requests: 20 HTTP requests in this frame

Frame: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 24B171D101568F66A13C91DE805E86F1
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6AEDCB55DBC120AEC6695D53A587C6F3
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A7201BD202D5C47BF339E855EE100CD1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 12565C2195BD5A29C04DB8DF812399FE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICT9wIQkdPp3QIYrfz1uwEwAQ&v=APEucNWETasTBf4r-PvT1AZQEXHFkdKm4AgGvs4iu5-LaEyLObkl8-yDuTLrRszH0nVC_IMIZR5irxT8zOwSaGEXTV4Q1CG_VqUHFQVavGosbjdjs9kRN-EBcFPYkAHqqDFS3sMQ7yqcXZLi_qFF-IS_ECGBHRQ2B8pNKMDgMOkliAmu9Y5Owug
Frame ID: 68E0D71825D07ABDDAF1F12088BF81BB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 7CEC271815EF7119A7C053323A2242F9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 667AA4CA2C07DAFCA454DE26F8FCD3C4
Requests: 2 HTTP requests in this frame

Frame: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 66D3C82F8ED77477BEA64A31F43F9E61
Requests: 1 HTTP requests in this frame

Frame: https://a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7C1ECCCC25AC7AC83F05F83DB06B6BB9
Requests: 1 HTTP requests in this frame

Frame: https://cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FB74BBD58509574319B469CD90F09D23
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: FF2880C8CD31325645372A50F258CC2E
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
Frame ID: 36004E7490527265B44FB7331B304053
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4CCC0384F20515CF02921286B3ADDE3F
Requests: 3 HTTP requests in this frame

Frame: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F52C440F2E53C160258F5A62BE3127AC
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91A1604EB1D31FC88E479EE997A2A4CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 856781B31EAFB2A84C19C5049D455EDD
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk27RekikqcHIo1RJrioWqQPnbK672_R2rdMwEs6f-3yDuMoGTkSaTdyRuoCxaB32E78D3MpgWVjnvzI2abinBXxnFXLWKSF40nSZqONkaK-l-EgH-iDOSuRk8W3WQK43El9RsJLE-fA1a7t3g3tef6f6Wr0hhKZuU9I13_uh5TfbVxwsU9FDFy26XS6J1ASQDlhNee7BBqUMAwRH8R3prbHg6P1t0g4Gk_2XpLMOYGjehicG7Omp0pVLpttBvfYu4tuWMs2ZNL7fZTuKUN9Yn-o7JlyG8M-pkd6DwpIW8h4EugfW13hUFwxc&sig=Cg0ArKJSzP0yPJXVvSZmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FFAE1FC8D301475977FE043C0AB60D01
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9B399633C763C5A3CB2C3D807EC8A0DB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E17774D9D04A6D80D5CC5852191413D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 634E37A0D8A6F225AADB45AEAED41F29
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA174D9C68F1C79C08D1A05387AA780D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Frame ID: B57A5B175AE16A4F9A8DB81688F358EE
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS7BYeS1HGa6Umn1cVO_gWUd1u1ElbJbOB9jTzSqLEK-L65bkrdPcGnwui4GCGkZ-GzoI2OAyRl_UZGOSlSMgTTOwBk4id7aIUnsF-NWtrTEQdQuGeby7g1gtxVCwl-TMqDbWlHRjR1t1vmGsmRTiFIe9QX9NUtDNXYU8C_SGJZymHsk73AfVF_ck9P5UICAb9t1Z8KzHDRxEeOE8qQ2jwWHg8AEXf3eNGJ8bHUdH9iz0qoIzhmMfMo44kT8plg5sgHtVrWsPDdKPDBjjYWD5dL6-HLWDfAK6n9dYp4Ntwu55sSTtzmw&sig=Cg0ArKJSzKnLNuoSSM8qEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9143784813C311F49684CBC80BDD8A8D
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 74C83EFD79B7E3B7F1A42EF69E5BBAB7
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
Frame ID: D34C66D323398258B654DEFEEBC51E84
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72CB876BF2D5C570FCE97484DB520D7B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 8C226965BAE5EE90532078310CD9CFEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: D7749034D3DFD446661C1F023665D11C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

มะม่วงหาว มะนาวโห่ 2 สมุนไพรเด่น รักษาโรค บำรุงร่างกาย

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • head\.(?:core|load)(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

400
Requests

92 %
HTTPS

35 %
IPv6

62
Domains

112
Subdomains

85
IPs

13
Countries

4534 kB
Transfer

11674 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 56
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhealth.kapook.com%2F&domain=health.kapook.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TZ7clHxEYVk4M1E3djJBaEVydkdwRXZtOFE4WXlKNEhwb0xQYldxd05DZkRwUGNGVDFnVTRNRVRVc2xKZ0h3ejZkK3JWdGJHNHJ4RFRkUmJOTHQvZU1pVWlGYkVtRFptTHIxZTZITk11NzhGTlVKa1dqaENmRGVQWVlIQjk5enFsekZyQ2wvWlhpS1pPTno3Mkd0RGNMMGF3QnJSRlk2L1A0VFVLdUhZVFlqNEhoQzhWTSsza2xCdFo2dG1VbGF0UVJVSGNxRGhvVWFURXhVb0huQldQUmlYS2MvbisvOXdxQjdpVnhaZndrVER4eXlFPXw&cppv=2
Request Chain 86
  • https://img.kapook.com/u/2015/wanchalerm/Health_08_58/Cashew_5.jpg HTTP 302
  • https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_5.jpg
Request Chain 87
  • https://img.kapook.com/u/2015/wanchalerm/Health_08_58/Cashew_4.jpg HTTP 302
  • https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_4.jpg
Request Chain 131
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
Request Chain 132
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6806502886808422361
Request Chain 134
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7046316005730613399
Request Chain 135
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YcmLEwABBZ0vgwAF HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcmLEwABBZ0vgwAF&gdpr=0&gdpr_consent=&_test=YcmLEwABBZ0vgwAF
Request Chain 136
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYWhrN0RreFlBQUQ5c3Y4MlliUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACahk7DkxYAAD9sv82YbQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b6lDqAEvQd-Epv0kD2h69A%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b6lDqAEvQd-Epv0kD2h69A%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 138
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=247f61c9-8b13-4700-8ff2-fb250daebef3
Request Chain 139
  • https://pixel.onaudience.com/?partner=214&mapped=6FA943A8-012F-41DF-84A6-FD240F687AF4 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=58ee53e899f76d95 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zcluid=58ee53e899f76d95&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zcluid=58ee53e899f76d95&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGyUqwjNkgfePjpR1etVzkU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zcluid=58ee53e899f76d95&zdid=1332
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZBOTQzQTgtMDEyRi00MURGLTg0QTYtRkQyNDBGNjg3QUY0&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZBOTQzQTgtMDEyRi00MURGLTg0QTYtRkQyNDBGNjg3QUY0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1atFnBzZsfLqGqKrmHic&google_cver=1
Request Chain 143
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ac2961c9-8b13-4b00-b479-10f6ce151738&gdpr=0&gdpr_consent=
Request Chain 144
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9104460859100794455
Request Chain 145
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9373be2f-47c4-4142-b075-2ff4325d5c74
Request Chain 146
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4007992267938059231&gdpr=0&gdpr_consent=
Request Chain 147
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FA943A8-012F-41DF-84A6-FD240F687AF4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FA943A8-012F-41DF-84A6-FD240F687AF4&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G8_6rjZE2uWyz9Rg.psOJwKBlx0qk0s-~A&gdpr=0&gdpr_consent=
Request Chain 149
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=55d6a8b8-5b26-4d25-8617-47a0bc7ba20d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 151
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3132789014598353078&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 153
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 154
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b80a511a-0040-44b9-ada9-0c2dff75518e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENF7h1tz1GFi_rGLyy8f6Og&google_cver=1
Request Chain 244
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YBWS18XlwUpeYle19K5nzw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1444798816364433609
Request Chain 245
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=247f61c9-8b13-4700-8ff2-fb250daebef3&expires=28
Request Chain 246
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPSFY0MEotVy1GQTBY
Request Chain 247
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcmLEwABBZ0vgwAF
Request Chain 248
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXOHV40J-W-FA0X&sigv=1&esig=2~011325ddc706d5d42f42325b2c83d1b636f2bdd6
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJsE744te_IoOE9GSuYxyA8&google_cver=1
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEN3FxXX2SN8c9ayx7BW9teQ&google_cver=1&adform_v=1
Request Chain 270
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
Request Chain 325
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcmLFTkXu3avWCJj23WvqwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKcVJZfkGC5fqRbMeLgTsW4&google_cver=1
Request Chain 327
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNzk5MjI2NzkzODA1OTIzMQ%3D%3D

400 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request view63418.html
health.kapook.com/ 		68 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.248 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e4547790d6859e087d6d5ca6e23733c88b699374ec77f503de0f1819e50a971f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Dec 2021 09:44:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
api.instagram.com
access-control-allow-credentials
true
access-control-allow-headers
application/json,X-Requested-With,Accept,Content-Type, Origin
access-control-allow-methods
GET
kp-cache-status
EXPIRED
content-encoding
gzip
fontface.css
my.kapook.com/fonts/kittithada_roman/ 		387 B
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-183"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
fontface.css
my.kapook.com/fonts/chatthai/ 		321 B
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/fontface.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-141"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
css2
fonts.googleapis.com/ 		3 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d30fef5abee1aa73c4347303f5bf0f0483c70adba058240f8dbee3a16aa53c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 09:44:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 09:44:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 09:44:49 GMT
theme.css
my.kapook.com/css/portal/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/theme.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
990361213a788f276de016ed7f9f42e96c2a4d91bb97bb59acf026ea9cbf4d56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 08:34:59 GMT
etag
W/"606c1d33-2909"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
main.css
my.kapook.com/signin_2017/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2017/css/main.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
W/"5c493593-116b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
jquery-1.9.1.min.js
my.kapook.com/jquery/ 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery-1.9.1.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-169d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
92629
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
content_template2017.css
my.kapook.com/css-template2017/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css-template2017/content_template2017.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
61a8c08051254353c1d63a917d8726bf4ec00b058c8c788dbb24dd98005dd59b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 06:35:09 GMT
etag
W/"61c95e9d-3918"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:49 GMT
lead-latest.js
cdn.thelead.tech/lead/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thelead.tech/lead/lead-latest.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Tue, 08 Jun 2021 09:22:42 GMT
etag
"60bf36e2-28da"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
must-revalidate, max-age=3600
accept-ranges
bytes
content-length
10458
widget-v2_kapookcom.js
code.th.giraff.io/data/ 		165 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-v2_kapookcom.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec6f2043344702a66d4407b13c4e513ae49a41f02b7aa332b1d38468e896843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 24 Dec 2021 08:07:28 GMT
server
cloudflare
etag
W/"61c57fc0-2953f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6c419cd3aef62bad-FRA
expires
Mon, 27 Dec 2021 09:45:51 GMT
logo-kapook.png
my.kapook.com/img-portal/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-portal/logo-kapook.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7206"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
twitter.svg
my.kapook.com/review/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/review/svg/twitter.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-43d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1085
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
facebook.svg
my.kapook.com/review/svg/ 		492 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/review/svg/facebook.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-1ec"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
492
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
kapook_outstream_live.js
pubmatic.mainroll.com/a/ 		126 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-128.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
f4e9f3f764143f70d69af4f0846ba4666fbfd4934b64ab1c7cfbcc47e5e10c9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:19 GMT
Content-Encoding
gzip
Age
31
X-Cache
Hit from cloudfront
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-ovp-host
vms-prod-frontend-spot-10-1-17-59
Access-Control-Allow-Origin
*
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Cache-Control
public,max-age=90
X-Amz-Cf-Pop
FRA6-C1
Content-Length
22426
X-Amz-Cf-Id
ZO2Uw_eSInZrZGivb5MMIRQik_ye0ZS-u6yTL_yIMEdlaQu8eAfYjw==
Expires
Mon, 27 Dec 2021 09:45:48 GMT
footer2018.css
my.kapook.com/css/portal/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/portal/footer2018.css
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ad4958ed3cb815e2b8b1ff4ae13807cb6c4780403d1c79fd94b2ca56005fbefb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 08:20:20 GMT
etag
W/"61790bc4-15ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
ic-sv-01.png
my.kapook.com/img-services/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-01.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-b5a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
ic-sv-02.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-02.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-954"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
ic-sv-03.png
my.kapook.com/img-services/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-03.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-988"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
ic-sv-04.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/ic-sv-04.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-8e8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icon-dailymotion.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-dailymotion.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 04:45:21 GMT
etag
W/"5cdb9961-7be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icon-fb.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-fb.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6f6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icon-tw.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-tw.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7c7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icon-yt.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-yt.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6bb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icon-ig.png
my.kapook.com/img-services/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/icon-ig.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-84e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
app-store.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/app-store.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"8fe-5a1a8e5e15276"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2302
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
google-play.jpg
www.kapook.com/assets_2017/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kapook.com/assets_2017/images/google-play.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"7cf-5a1a8e5e27b57"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1999
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
swiper.min.js
my.kapook.com/portal_view/js/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/portal_view/js/swiper.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-178a3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
96419
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
galleryPlugin-loadmore.js
my.kapook.com/portal_view/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/portal_view/js/galleryPlugin-loadmore.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 19 Sep 2019 11:25:04 GMT
etag
"5d836590-43a9"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
17321
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
head.load.min.js
my.kapook.com/jquery/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/head.load.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-11fa"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4602
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
jquery.easing.1.3.js
my.kapook.com/js_emocomment/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/js_emocomment/jquery.easing.1.3.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-1fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8097
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
jquery.worldjwplayer.js
my.kapook.com/jquery/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.worldjwplayer.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4001
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
oembed.js
my.kapook.com/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/oembed.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-841"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2113
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
run_oembed.js
my.kapook.com/jquery/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/run_oembed.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-507"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1287
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 00:29:48 GMT
content-encoding
br
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843
priority
u=3,i

Redirect headers

date
Mon, 27 Dec 2021 09:44:50 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
ldc
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
0
dmp.js
my.kapook.com/js_tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/js_tag/dmp.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-466"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1126
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
tag.js
my.kapook.com/jquery/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/tag.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
38efc54eb97b294bf9f710239d5922ba7854186c13d9d39571e972fc5e6bc834
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Wed, 17 Nov 2021 04:45:52 GMT
etag
"61948900-8b3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2227
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
intersection-observer.js
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5403477
x-jsd-version
0.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19132-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c419cd3acf34ebc-FRA
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5403473
x-jsd-version
12.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19142-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c419cd3acf54ebc-FRA
lazysizes.min.js
www.kapook.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kapook.com/js/lazysizes.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 07:45:44 GMT
etag
"1b91-5a1a90e454b08-gzip"
content-type
application/javascript
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3307
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156743/740/ 		327 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f58089bd78c9c0bec016b4f773e16b083c2bd6b23e1241df58c6aedeff3410ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 07:51:06 GMT
server
Apache/2.2.15 (CentOS)
etag
"fe0ad3-51cfc-5ceafec82592e"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=125544
accept-ranges
bytes
content-type
text/javascript
content-length
101313
expires
Tue, 28 Dec 2021 20:37:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
PIT8W6ulW2nvS5F9Tg/m7plwDCOZRic+XEDrvGk8hYUy77kxrbzM5Q+opO5zcrg+btkBbqBUlKCEXu5qkjuPmA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 27 Dec 2021 09:44:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
client.min.js
api.dmcdn.net/pxl/cpe/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f6328097b88e89b824f66b7327ac9625e7fdb720231b031c89171303dd5c2fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
age
56170
server-timing
total;dur=19, dc;desc="dc3"
x-amz-request-id
PT60EJM9BZMVY5D3
x-amz-id-2
kXubJqjFthwFgCPyLCVbJVTBDgnas6L5CtToVUHcdVIzlmOhEaGBmgHAEHjPvMtI1VncaRY+yW4=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"ef9fd4ac3739dcc0cf8dcd8e9f0beeeb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
736
timing-allow-origin
*
x-llid
6bb8eaaefc4d96b5d54f9d96daab1a18
expires
Mon, 27 Dec 2021 18:08:40 GMT
sdk.js
connect.facebook.net/th_TH/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b07a6b6e227ca370462d8114ab23ffadea742bb4c18501f3144bee0b50793886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eivp3jlhRSbRphqY6+siNA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
gGvki6EkSPIa1SW0CxqTHuIKf0cLFQA37XvDTJGBgRc3RDsbBUI17a3GC0+MyJ2DFsLg6GeDmtLwYdu5LT/xww==
x-fb-trip-id
686109401
x-fb-content-md5
e3e8e898e0f7860bf704427228cd7513
x-frame-options
DENY
date
Mon, 27 Dec 2021 09:44:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"fe17d96fc12d6cfb7ebb003e59e1f0a4"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 27 Dec 2021 09:51:31 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
596
date
Mon, 27 Dec 2021 09:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 27 Dec 2021 11:34:54 GMT
arrow-down.svg
my.kapook.com/portal_config_desktop/header/svg/ 		213 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/arrow-down.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
213
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-5160"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
20832
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/chatthai/fontface.css
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-3fb4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
16308
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
a0000034.js
lvs.truehits.in.th/dataa/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs.truehits.in.th/dataa/a0000034.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-10.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d0fb9d85f3a15dde211d1cd1f4104b482d961af829dbe756bc9493a166942e10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 23 Dec 2021 07:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control
max-age=604800
content-type
application/x-javascript
content-length
9086
expires
Mon, 3 Jan 2022 9:44:51 GMT
player.js
cdn.bluebillywig.com/apps/player/20211213.122749/ 		2 MB
330 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/apps/player/20211213.122749/player.js
Requested by
Host: pubmatic.mainroll.com
URL: https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e400:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
578061f0b58ba4782b67f7ea748aa8e0e8f36c35e4b7d05601751462579502d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:32:09 GMT
content-encoding
gzip
age
762
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 13 Dec 2021 12:29:33 GMT
server
AmazonS3
etag
W/"d14f98f9c239cc431ee247d0f5d47cf0"
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9tQd7usljRD0fsyEgD0aaPUMcFwkBmtJ4ocAuYnS4sXOqTCVssHiIw==
ico-health.svg
my.kapook.com/svg-portal/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/svg-portal/ico-health.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
966c5f1ce6b98f3b182f5adc3235818c2da9a42ff45e59af74a31ec52734c90a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Wed, 15 May 2019 07:49:19 GMT
etag
"5cdbc47f-4bd7"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
19415
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
circle-list.png
my.kapook.com/img-services/ 		989 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/img-services/circle-list.png
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/footer2018.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-3dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
icomoon.woff
my.kapook.com/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/icomoon.woff?-3adk29
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/css/portal/theme.css
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-11d4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://health.kapook.com
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:50 GMT
nKKU-Go6G5tXcr5mOBWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v7/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr5mOBWzVaF5NQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bc81ba1f16ebcbc9888677d7b8bd02a1807d15d3c9391617c9aa4c00c28026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 08:01:16 GMT
x-content-type-options
nosniff
age
524614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13116
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:25:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 08:01:16 GMT
nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v7/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr5mOBWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1ccfa5f9dd6abf3666f87852807901abe7e1fd2b63c8e3bc4e12d9d48fe0439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 04:24:38 GMT
x-content-type-options
nosniff
age
278412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18984
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:13:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 04:24:38 GMT
162488171107136
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/162488171107136?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6733c9c2e5a3b02f9a30a80822e46bf05ead43eb696a95b711f0f445e57b266
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
uYtUl9NcgrBnxcK+AOLylNm87KLKRrInRpFQcF8ovGYPv4z2AMizrf+26hBAkfLV2n36EXYX+n1U4vZEEmNGug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 27 Dec 2021 09:44:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/th_TH/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/th_TH/sdk.js?hash=2e7a3ec9e56c59ebc6bcbedafbf6b476
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c90488a2522bc6ece3758e0a56c788894b50daa67f50d64eeb76315e85ef0d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://health.kapook.com/
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2SSeCPo/Ae1/ev7d+wfUYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83551
x-fb-rlafr
0
x-fb-debug
7Qh2cTzOPfTEFI/R/jRcHOt+Bi2kgtcIanAlZln4j8ZvLA8gDmkaq3Jv/n2p7CCo1S+IhupzvfNGSSXLB1kOPQ==
x-fb-content-md5
1b06ca5e6ad03ec7cb3339d2d233a152
x-frame-options
DENY
date
Mon, 27 Dec 2021 09:44:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a2404aad51f83900484263e221df6bf8"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Dec 2022 09:31:32 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhealth.kapook.com%2F&domain=health.kapook.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://health.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://health.kapook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1667
date
Mon, 27 Dec 2021 09:44:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhealth.kapook.com%2F&domain=health.kapook.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=TZ7clHxEYVk4M1E3djJBaEVydkdwRXZtOFE4WXlKNEhwb0xQYldxd05DZkRwUGNGVDFnVTRNRVRVc2xKZ0h3ejZkK3JWdGJHNHJ4RFRkUmJOTHQvZU1pVWlGYkVtRFptTHIxZTZITk11NzhGTlVKa1dqaENmRGVQWVlIQj...
361 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TZ7clHxEYVk4M1E3djJBaEVydkdwRXZtOFE4WXlKNEhwb0xQYldxd05DZkRwUGNGVDFnVTRNRVRVc2xKZ0h3ejZkK3JWdGJHNHJ4RFRkUmJOTHQvZU1pVWlGYkVtRFptTHIxZTZITk11NzhGTlVKa1dqaENmRGVQWVlIQjk5enFsekZyQ2wvWlhpS1pPTno3Mkd0RGNMMGF3QnJSRlk2L1A0VFVLdUhZVFlqNEhoQzhWTSsza2xCdFo2dG1VbGF0UVJVSGNxRGhvVWFURXhVb0huQldQUmlYS2MvbisvOXdxQjdpVnhaZndrVER4eXlFPXw&cppv=2
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c056864708cb8181e365c3cd4226edba934923d5a1169ba17720837baca0a267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2573
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:50 GMT
location
https://mug.criteo.com/sid?cpp=TZ7clHxEYVk4M1E3djJBaEVydkdwRXZtOFE4WXlKNEhwb0xQYldxd05DZkRwUGNGVDFnVTRNRVRVc2xKZ0h3ejZkK3JWdGJHNHJ4RFRkUmJOTHQvZU1pVWlGYkVtRFptTHIxZTZITk11NzhGTlVKa1dqaENmRGVQWVlIQjk5enFsekZyQ2wvWlhpS1pPTno3Mkd0RGNMMGF3QnJSRlk2L1A0VFVLdUhZVFlqNEhoQzhWTSsza2xCdFo2dG1VbGF0UVJVSGNxRGhvVWFURXhVb0huQldQUmlYS2MvbisvOXdxQjdpVnhaZndrVER4eXlFPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2122
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1083 / 547 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:50 GMT
ima3.js
s0.2mdn.net/instream/html5/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/html5/ima3.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20211213.122749/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3e8d29300a41ec048a958bbf536d66943e80bb75453389e8b38a2df85d189b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126523
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Dec 2021 09:44:50 GMT
admanager.js
cdn.bluebillywig.com/apps/player/20211213.122749/components/ 		44 B
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/apps/player/20211213.122749/components/admanager.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20211213.122749/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e400:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d83682d408b8a5341dccb1e99215ef987833d80b13f28c2e19b91e1c4ea3df3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:29:34 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age
916
x-cache
Hit from cloudfront
content-length
44
last-modified
Mon, 13 Dec 2021 12:29:33 GMT
server
AmazonS3
etag
"3e5a0ee4658a47e9066d1c307c5ee323"
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
XwFGWOdlqqA-ByQ6RHkZhYD3JHeD_WAuK9GZc4ekDY-n9xRRT5G7dQ==
ubuntu.css
cdn.bluebillywig.com/fonts/ 		555 B
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e400:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:26:15 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age
1116
x-cache
Hit from cloudfront
content-length
555
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"2a6307abebf25c55ddb0722a4b7ef277"
access-control-allow-methods
PUT, GET, POST
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
nbFhGGO_QyJLSVgQYm1ke-3jCmFFLMOt0fiHt7tle4Y_KnzFJHHL1A==
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290727&pp=pubmatic&ev=xst&id=gZRatrhMF2Pe&et=Session&cid=0&xu=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&xr=&pt=%5Buntitled%5D&aup=1&aum=1&aul=0&sn=0
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
0tyOJ3NJNQrwgRz-Wk2I4HS8_Y0yyW7aNDVX6YsJujlBq7WZ3NLzKA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?vu=DE5E8FC8%2d6F64%2d4AEE%2dA2A9%2d64363C6CD89C&pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290728&pp=pubmatic&pt=%5Buntitled%5D&pv=6.x&ev=it&id=0&ct=Kapook%20Outstream&pd=&vs=n%2Fa&rs=1600x1200&fs=0&mt=mainroll&du=0&xu=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&xr=&aup=1&aum=1&aul=0&ut=commercial&sn=1
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
g0P31LrENOZWBGcKcTm_wEPMVFKCtL1APcDr0IHd4nYeb9_RoGCAuA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TZ7clHxEYVk4M1E3djJBaEVydkdwRXZtOFE4WXlKNEhwb0xQYldxd05DZkRwUGNGVDFnVTRNRVRVc2xKZ0h3ejZkK3JWdGJHNHJ4RFRkUmJOTHQvZU1pVWlGYkVtRFptTHIxZTZITk11NzhGTlVKa1dqaENmRGVQWVlIQjk5enFsekZyQ2wvWlhpS1pPTno3Mkd0RGNMMGF3QnJSRlk2L1A0VFVLdUhZVFlqNEhoQzhWTSsza2xCdFo2dG1VbGF0UVJVSGNxRGhvVWFURXhVb0huQldQUmlYS2MvbisvOXdxQjdpVnhaZndrVER4eXlFPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1189
date
Mon, 27 Dec 2021 09:44:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
ubuntu.woff2
cdn.bluebillywig.com/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.woff2
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e400:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Request headers

Referer
https://cdn.bluebillywig.com/fonts/ubuntu.css
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:34:02 GMT
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
age
648
x-cache
Hit from cloudfront
content-length
34260
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"5b23eeb3a32b30e91682d601535d2a89"
access-control-allow-methods
PUT, GET, POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
rDDCaODe7zbNWaN9xR4pLQ20bnhKZ9MhFigQGhwz-nZLYYWQMK0Evw==
js
www.google-analytics.com/gtm/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TTM3PW3&cid=1043213445.1640598291
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5888b4c8d8ab024d27ca9f6ada80aab83740f90fa70ce16c163b586a1da6fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34971
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Dec 2021 09:44:50 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		153 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=health.kapook.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8e8a8560be6ba78a0df4dfd2ea70ad822ff4c77a0a5100a706100c6d856a86da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:51 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290904&pp=pubmatic&ev=xst&id=rCpbfSm9EK7s&et=View&cid=0&pid=gZRatrhMF2Pe&pet=Session&fs=0&xu=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&xr=&pt=%5Buntitled%5D&iet=default&ut=commercial&sn=2
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
nZ1eOwvK6FChN9UrIqUW4RjODmPw1nSrsaGanypXjAhYytjI9C4NRQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290918&pp=pubmatic&ev=xit&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=rCpbfSm9EK7s&pet=View&ap=inarticle&sn=3
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
PPMgOR1795QJ8Y3058v5dLyuj3IpX2euG9U8sy9YyNDDZCMESO9Zdw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290919&pp=pubmatic&ev=xov&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=rCpbfSm9EK7s&pet=View&ap=inarticle&sn=4
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
L0XP1y76YgCFROczhJ1OQjXRMYf9kP-V6frWf2ccby4p7yJgKiPi7w==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598290929&pp=pubmatic&ev=xit&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&sn=5
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
K-KZLQmIl5nwOK8bcIv-PSCCQC6VNosGMrT7rODhPYDhuXosxANFfw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=162488171107136&ev=PageView&dl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&rl=&if=false&ts=1640598290947&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640598290946.731012111&it=1640598290523&coo=false&rqm=GET
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 27 Dec 2021 09:44:50 GMT
skrollr.min.js
my.kapook.com/jquery/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/skrollr.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-211b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8475
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
jquery.fbbutton.js
my.kapook.com/jquery/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.fbbutton.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Wed, 09 Jun 2021 14:06:01 GMT
etag
"60c0cac9-2714"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
10004
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
main_2020.js
my.kapook.com/angular/app/content_relate/js/ 		779 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/app/content_relate/js/main_2020.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 14 May 2020 02:53:48 GMT
etag
"5ebcb2bc-30b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
779
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
jquery.tagCenter.js
my.kapook.com/jquery/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/jquery.tagCenter.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-2176"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8566
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
container_56d8ee121c51b14f6e964404.js
ssl-avd.innity.net/143/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:15:51 GMT
Server
nginx/1.18.0
ETag
"5f48bd37-20f7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1867243
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3228
Expires
Tue, 18 Jan 2022 00:25:33 GMT
1
cacheportal.kapook.com/tag/compound/tag/63418/health/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cacheportal.kapook.com/tag/compound/tag/63418/health/1
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
0d9f0cf2ac917bd1438ee7ca79f1c6c006e20884bfcab074419478f4d5ced17c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-credentials
false
kp-cache-status
HIT
content-type
application/json
app.min.js
api.dmcdn.net/pxl/cpe/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
8fb6a3fed795d18c97e59795ac6fe8f7d4ad804e2844b9129d562d94b06f04fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
content-encoding
gzip
age
56157
server-timing
total;dur=20, dc;desc="dc3"
x-amz-request-id
TY5GXVD47N8ZPHDV
x-amz-id-2
aa3BQF9S9z9jKJ4yIpy9Wju5NmxnsxVLyZ2aRxmzalQXEKHQnZLoTIJPUzxRIukG99pbUakjBy0=
last-modified
Wed, 24 Nov 2021 09:47:44 GMT
server
DMS/1.0.42
etag
"71ea3dac5743ec86f436a091fcfc3deb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
18563
timing-allow-origin
*
x-llid
84a599e05c12560eb97a5974cfac77b6
expires
Mon, 27 Dec 2021 18:08:53 GMT
comments.php
www.facebook.com/v2.12/plugins/ Frame B01B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df16d1b84c261ffc%26domain%3Dhealth.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhealth.kapook.com%252Ff35ff8c0d13f168%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js?hash=2e7a3ec9e56c59ebc6bcbedafbf6b476
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
RwYg/fhw+rRXkUy8gRt80ksmeuDFgFQ4fQKAGtjKGENmaVV0Yqcg7n4RNduNflGwfEWeg094a+4lnewYtdfrjg==
content-length
0
date
Mon, 27 Dec 2021 09:44:51 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291002&pp=pubmatic&ev=xiv&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&ap=inarticle&sn=6
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
ZpsidlGcNW8RujkyGKpLqhsd-sICq_ONjsUdjUdepRrTZtsBqEqQDQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bridge3.493.0_en.html
imasdk.googleapis.com/js/core/ Frame 7940 		598 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198942
date
Wed, 22 Dec 2021 04:54:22 GMT
expires
Thu, 22 Dec 2022 04:54:22 GMT
last-modified
Wed, 15 Dec 2021 20:12:41 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
449429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Dec 2021 09:44:51 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291039&pp=pubmatic&ev=xls&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&sdk=GOOGLE_IMA&sn=7
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
dytPERSXR95_bLYb9jTdLOpUxumbG7dSaYVSCcJBYCcDqnaOTLp_aw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Cashew_5.jpg
img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/
Redirect Chain
  • https://img.kapook.com/u/2015/wanchalerm/Health_08_58/Cashew_5.jpg
  • https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_5.jpg
0
0
Cashew_4.jpg
img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/
Redirect Chain
  • https://img.kapook.com/u/2015/wanchalerm/Health_08_58/Cashew_4.jpg
  • https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_4.jpg
0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2C07 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 08:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:50:27 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=214515964&t=pageview&_s=1&dl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&ul=en-us&de=UTF-8&dt=%E0%B8%A1%E0%B8%B0%E0%B8%A1%E0%B9%88%E0%B8%A7%E0%B8%87%E0%B8%AB%E0%B8%B2%E0%B8%A7%20%E0%B8%A1%E0%B8%B0%E0%B8%99%E0%B8%B2%E0%B8%A7%E0%B9%82%E0%B8%AB%E0%B9%88%202%20%E0%B8%AA%E0%B8%A1%E0%B8%B8%E0%B8%99%E0%B9%84%E0%B8%9E%E0%B8%A3%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99%20%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B2%E0%B9%82%E0%B8%A3%E0%B8%84%20%E0%B8%9A%E0%B8%B3%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%81%E0%B8%B2%E0%B8%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=619141923&gjid=1172471602&cid=1043213445.1640598291&tid=UA-36103152-15&_gid=1326059944.1640598291&_r=1&_slc=1&z=1391853985
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=214515964&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&ul=en-us&de=UTF-8&dt=%E0%B8%A1%E0%B8%B0%E0%B8%A1%E0%B9%88%E0%B8%A7%E0%B8%87%E0%B8%AB%E0%B8%B2%E0%B8%A7%20%E0%B8%A1%E0%B8%B0%E0%B8%99%E0%B8%B2%E0%B8%A7%E0%B9%82%E0%B8%AB%E0%B9%88%202%20%E0%B8%AA%E0%B8%A1%E0%B8%B8%E0%B8%99%E0%B9%84%E0%B8%9E%E0%B8%A3%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99%20%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B2%E0%B9%82%E0%B8%A3%E0%B8%84%20%E0%B8%9A%E0%B8%B3%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%81%E0%B8%B2%E0%B8%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Screentime&ea=Time%20on%20Screen&el=all-def&ev=1&_u=KGBAAAADQAAAAC~&jid=&gjid=&cid=1043213445.1640598291&tid=UA-36103152-15&_gid=1326059944.1640598291&z=1926806023
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 00:11:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34387
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=854475
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Thu, 06 Jan 2022 07:06:06 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1513350
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Thu, 13 Jan 2022 22:07:21 GMT
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
5d5cee4ac52b3f494eabac4d
api.pxl.dailymotion.com/players/ 		926 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pxl.dailymotion.com/players/5d5cee4ac52b3f494eabac4d?fields=config
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
nginx/1.19.3 /
Resource Hash
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Content-Encoding
gzip
Vary
Origin
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Length
444
X-Dm-Lb-Name
icscale-01-01
Expires
Mon, 27 Dec 2021 09:54:51 GMT
Last-Modified
Fri, 12 Jun 2020 13:48:43 GMT
Server
nginx/1.19.3
Access-Control-Max-Age
0
Access-Control-Allow-Methods
PATCH, OPTIONS, DELETE, GET, HEAD, PUT, POST
Content-Type
application/json
Access-Control-Allow-Origin
https://health.kapook.com
Access-Control-Expose-Headers
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache
EXPIRED
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
d0fc07f6eab24b2cb3d3428a8284159524909c8741a8ced0d24e9de23e78d3a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Dec 2021 09:44:51 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36103152-15&cid=1043213445.1640598291&jid=619141923&gjid=1172471602&_gid=1326059944.1640598291&_u=KGBAAAACQAAAAC~&z=1707039241
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
text/plain
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://health.kapook.com
date
Mon, 27 Dec 2021 09:44:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
i
delivery.adnuntius.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delivery.adnuntius.com/i?tzo=-60&format=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.202.161.2 Rovigo, Italy, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS
85.202.161.2.adnuntius.com
Software
/
Resource Hash
90bd908b0d915e9369a08ed7b18020df49c544c7e254e7284672b5032bad0591

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
content-type
application/json;charset=utf-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-adn-backend-server-id
fc88cdd7
x-adn-diagnostic-request-id
e2f4b82861b1bb791c19185378d84b01
content-length
1347
expires
Mon, 26 Jul 1997 05:00:00 GMT
angular.min.js
my.kapook.com/angular/1.3.15/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-1ebd5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
125909
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
angular-aria.min.js
my.kapook.com/angular/1.3.15/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-aria.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-d05"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3333
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
angular-sanitize.min.js
my.kapook.com/angular/1.3.15/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-sanitize.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-17c0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
6080
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
angular-resource.min.js
my.kapook.com/angular/1.3.15/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/1.3.15/angular-resource.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-dfe"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3582
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
fontface.css
my.kapook.com/fonts/display/ 		326 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/fonts/display/fontface.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-146"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
relate_th.css
my.kapook.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/css/relate_th.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
W/"5c492fe9-b0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
headLoadComplete.js
my.kapook.com/jquery/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/jquery/headLoadComplete.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-646"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1606
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=1043213445.1640598291&jid=619141923&_u=KGBAAAACQAAAAC~&z=44382534
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=1043213445.1640598291&jid=619141923&_u=KGBAAAACQAAAAC~&z=44382534
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
connect.thelead.tech/event/ 		77 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.thelead.tech/event/bulk
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.226 Bangkok, Thailand, ASN4750 (CSLOXINFO-AS-AP CS LOXINFO PUBLIC COMPANY LIMITED, TH),
Reverse DNS
p352-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
ef83975282d2e87c8806a58221b6408800642fd5cafaaa16f0fb1539c9649ef4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
vary
Origin
content-length
77
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
goggen.php
lvs.truehits.in.th/ 		91 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs.truehits.in.th/goggen.php?hc=a0000034&rand=480036&bv=0&rf=bookmark&web=OzyRK4dBz5Ko5kS2esX55Q%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=384A2926.1&fp=d&fv=-&truehitspage=health_content&truehitsurl=https%3a//health.kapook.com/view63418.html
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.154.91.10 Ban Bang Yang, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
203-154-91-10.inter.net.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server
nginx/1.14.0 (Ubuntu)
content-type
image/jpeg
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 7940 		939 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.5&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
56b0eb52eba4ded7bc6772d855d0f25f19eb0ba9735bc21ea8c68a66db159976

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
578
expires
Mon, 27 Dec 2021 09:44:51 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		223 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1856883717265615&correlator=845073307102177&output=ldjh&impl=fifs&eid=31063378%2C31063898&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=16357739%2Chealth300pc%2CHealth_300_2_PC%2Chealth728pc%2Chealth970pc%2C1px_health_PC_inread%2CSkin_health%2Cgallery_desktop_728%2CHealth_inter_mob&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1500x900%7C1x1%2C728x90%7C1x1%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=pwtsid_pubmatic%3D18bc460202f924a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D1924826b48e171b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2045b0e8cc9ec48%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D21a5b5426767017%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2274c17c2acafb9%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D23458097832d123%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2416a4c04d5e40a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D25f19d5090047f4%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1640598291&dt=1640598291436&dlt=1640598289116&idt=2027&frm=20&biw=1600&bih=1200&oid=2&adxs=1069%2C1069%2C436%2C315%2C231%2C100%2C-9%2C-9&adys=405%2C483%2C4643%2C373%2C461%2C301%2C-9%2C-9&adks=2321400244%2C2532747384%2C2311243195%2C3467923295%2C1198416340%2C3926269548%2C509936929%2C2684822399&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x4129%7C300x4129%7C728x-1%7C1138x32%7C798x4119%7C1500x-1%7C0x-1%7C0x-1&msz=300x0%7C300x250%7C728x-1%7C1002x32%7C798x0%7C1500x-1%7C0x-1%7C0x-1&ga_vid=1043213445.1640598291&ga_sid=1640598291&ga_hid=214515964&ga_fc=true&fws=0%2C512%2C0%2C0%2C0%2C512%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
733945c853d6aaae24fabdf3f5642912bc623f787f65c6ef45269b95d51669aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47420
x-xss-protection
0
google-lineitem-id
5428982779,5427990870,5429260751,5427974322,-2,-2,5410249604,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138317679687,138318053002,138318066085,138317632259,-2,-2,138315487331,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27CA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:51 GMT
expires
Tue, 27 Dec 2022 09:44:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:51 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0E89 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=18509
expires
Mon, 27 Dec 2021 14:53:20 GMT
date
Mon, 27 Dec 2021 09:44:51 GMT
vary
Accept-Encoding
app_t.js
my.kapook.com/angular/app/content_relate/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/angular/app/content_relate/js/app_t.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
"5c492fe9-258d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
9613
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
signin-drt.js
my.kapook.com/signin_2020/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/js/signin-drt.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Wed, 20 May 2020 08:35:07 GMT
etag
"5ec4ebbb-c3e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3134
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
/
graph.facebook.com/v2.3/ 		267 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/v2.3/?id=https://health.kapook.com/view63418.html&fields=og_object{engagement}&access_token=370377049760317|319b3e98932ed33ff3315808c9b53879&callback=jQuery191009557656105230894_1640598290415&_=1640598290416
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e66594d52f39cfa57b072f7054cc3cfbb1c53af8979d8b3885c90236b489896d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"2f11774f8671ea5fe4bf40fe7b1a5e9bbbf29d4e"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
cross-origin-resource-policy
cross-origin
x-fb-rev
1004896725
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
197
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
XMUoPtc2Ay64vDV0PAmUlHUnj+6lyCmXg/hjkUD9BnBxpAmjPBSdXs5chaiFiyPGKr9+Ud3JrMbGgLPwbYxMCg==
x-fb-trace-id
EDNjwtFa8Ny
date
Mon, 27 Dec 2021 09:44:51 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AmJZEIf0sbJLXmg-sJqzg-w
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v5.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame E009 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://health.kapook.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://health.kapook.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 27 Dec 2021 09:44:51 GMT
csi
csi.gstatic.com/ Frame 7940 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kxohv3ao&c=6592157207638&slotId=3296078603819&fb=ima_html5-lima&sdkv=h.3.493.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=9&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44750604%2C44752711
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 10EB 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eecfcca8b3ddd49a6952aead630573434f31185cf4cefc25b959ce7a709a6144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:35:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18582
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 20:15:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:50:59 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291531&pp=pubmatic&ev=xld&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&sdk=GOOGLE_IMA&sn=8
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
rcR_MgQwW2YP8TtgHY4WLzrnOrkPpDpAhpxwSmMSrFDgQzripd1Ukw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291532&pp=pubmatic&ev=xst&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&sdk=GOOGLE_IMA&sn=9
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
xYsn6wpU_Ny8p5n6W2s2W4V2k7JbJQl_q2prJRZ_h20jdNnl8dDmLQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291533&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=GOOGLE_IMA&sn=10
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
79irwTf7o78gfE4qmZV4WnYrLkkg01PYVF5IHK5TwRCOiFqvo-C5Mg==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291534&pp=pubmatic&ev=xls&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=11
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
j5degRiNVU-miVaNDDzoZvAEaJzDNqKnG0H0ThBoK601I-siSnW55A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598291535&pp=pubmatic&ev=xld&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&vastid=%5Bunknown%5D&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=12
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
sp1M6x1Y2ueKwlqEj1ALorXaD2Zdkgejv64_QXa6E858qAgMDxq8qQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0E89 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4612051&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
be6d864177eb46e5f65d3d86c1bbe9e9fbb189a47fcb380a9b76baf1e09bdffa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
advert.gif
code.th.giraff.io/data/ 		34 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cf-cache-status
HIT
age
22
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="advert.webp"
content-length
34
last-modified
Thu, 21 Oct 2021 12:25:13 GMT
server
cloudflare
etag
"61715c29-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 27 Dec 2021 09:45:29 GMT
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6c419cda39992bad-FRA
cf-bgj
imgq:85,h2pri
v2_kapookcom.js
data.th.giraff.io/track/ 		80 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/track/v2_kapookcom.js?r=&u=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&rand=0.862939851071403&v=1_106_0&vis=1&callback=cbGeo650862430&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
101.32.249.128 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
0a8e0b01e7137784e1584c6889c2f0fc5fbbd38080956af70aec4d89d739e6c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
match
c1.adform.net/serving/cookie/ Frame 99EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 27 Dec 2021 09:44:51 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=6FA943A8-012F-41DF-84A6-FD240F687AF4
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D9C0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6806502886808422361
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6806502886808422361
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug014:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6806502886808422361
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 077F 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 27 Dec 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
527728
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 6D67
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7046316005730613399
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7046316005730613399
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug002:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 27 Dec 2021 09:44:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7046316005730613399
Pug
simage2.pubmatic.com/AdServer/ Frame F6FE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcmLEwABBZ0vgwAF&gdpr=0&gdpr_consent=&_test=YcmLEwABBZ0vgwAF
1 B
257 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcmLEwABBZ0vgwAF&gdpr=0&gdpr_consent=&_test=YcmLEwABBZ0vgwAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug024:0:1669
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YcmLEwABBZ0vgwAF&gdpr=0&gdpr_consent=&_test=YcmLEwABBZ0vgwAF
accept-ranges
bytes
date
Mon, 27 Dec 2021 09:44:51 GMT
via
1.1 varnish
x-served-by
cache-hhn4044-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1640598292.736192,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 4FD9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYWhrN0RreFlBQUQ5c3Y4MlliUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACahk7DkxYAAD9sv82YbQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACahk7DkxYAAD9sv82YbQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACahk7DkxYAAD9sv82YbQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0E89
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b6lDqAEvQd-Epv0kD2h69A%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b6lDqAEvQd-Epv0kD2h69A%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=46288
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 27 Dec 2021 22:36:19 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=247f61c9-8b13-4700-8ff2-fb250daebef3
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=247f61c9-8b13-4700-8ff2-fb250daebef3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 08:34:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Server
MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=247f61c9-8b13-4700-8ff2-fb250daebef3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Dec 2021 09:44:50 GMT
mw
mwzeom.zeotap.com/ Frame 0E89
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6FA943A8-012F-41DF-84A6-FD240F687AF4
  • https://spl.zeotap.com/?zdid=1332&zcluid=58ee53e899f76d95
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGyUqwjNkgfePjpR1etVzkU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efc...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGyUqwjNkgfePjpR1etVzkU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zcluid=58ee53e899f76d95&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6c419cdc1826d6d5-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGyUqwjNkgfePjpR1etVzkU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=cabb4e2f-3e25-43f3-6698-f1fda54dbe50&reqId=02e3bc77-0455-4154-53d6-efcb07577dab&zcluid=58ee53e899f76d95&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZBOTQzQTgtMDEyRi00MURGLTg0QTYtRkQyNDBGNjg3QUY0&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZBOTQzQTgtMDEyRi00MURGLTg0QTYtRkQyNDBGNjg3QUY0&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:431
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1atFnBzZsfLqGqKrmHic&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1atFnBzZsfLqGqKrmHic&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:472
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOj1atFnBzZsfLqGqKrmHic&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0E89 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 26 Dec 2021 09:44:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ac2961c9-8b13-4b00-b479-10f6ce151738&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ac2961c9-8b13-4b00-b479-10f6ce151738&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:458
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 27 Dec 2021 09:44:51 GMT
Server
MT3 4133 baa842e master cdg-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ac2961c9-8b13-4b00-b479-10f6ce151738&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Dec 2021 09:44:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9104460859100794455
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9104460859100794455
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:562
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9104460859100794455
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9373be2f-47c4-4142-b075-2ff4325d5c74
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9373be2f-47c4-4142-b075-2ff4325d5c74
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:415
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9373be2f-47c4-4142-b075-2ff4325d5c74
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4007992267938059231&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4007992267938059231&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:581
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:51 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
62d4c435-06eb-42cd-b8fd-0bf0ee8f1796
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4007992267938059231&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FA943A8-012F-41DF-84A6-FD240F687AF4&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FA943A8-012F-41DF-84A6-FD240F687AF4&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G8_6rjZE2uWyz9Rg.psOJwKBlx0qk0s-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G8_6rjZE2uWyz9Rg.psOJwKBlx0qk0s-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 08:34:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G8_6rjZE2uWyz9Rg.psOJwKBlx0qk0s-~A&gdpr=0&gdpr_consent=
date
Mon, 27 Dec 2021 09:44:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
6FA943A8-012F-41DF-84A6-FD240F687AF4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0E89 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6FA943A8-012F-41DF-84A6-FD240F687AF4?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6
42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=55d6a8b8-5b26-4d25-8617-47a0bc7ba20d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=55d6a8b8-5b26-4d25-8617-47a0bc7ba20d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:593
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=55d6a8b8-5b26-4d25-8617-47a0bc7ba20d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 27 Dec 2021 09:44:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3132789014598353078&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3132789014598353078&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:436
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3132789014598353078&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0E89 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6FA943A8-012F-41DF-84A6-FD240F687AF4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0E89
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b80a511a-0040-44b9-ada9-0c2dff75518e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b80a511a-0040-44b9-ada9-0c2dff75518e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:466
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b80a511a-0040-44b9-ada9-0c2dff75518e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 27 Dec 2021 09:44:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 10EB 		152 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.5&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2130 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.5&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=18509
expires
Mon, 27 Dec 2021 14:53:20 GMT
date
Mon, 27 Dec 2021 09:44:51 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 10EB 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.5&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=18509
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Mon, 27 Dec 2021 14:53:20 GMT
my-profile.html
my.kapook.com/signin_2020/templates/ 		1 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.kapook.com/signin_2020/templates/my-profile.html
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
application/json, text/plain, */*
Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 08:52:41 GMT
etag
W/"5ed8b659-4b4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:51 GMT
/
graph.facebook.com/ 		231 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&callback=_grf_9523081742157442
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44ee0d1f2056c9f93ef5d764d71054516ff7be993bdba3c87ed4ad58e6365153
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004896725
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
174
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
mPDx3zeYa6fI9fwfYsY3EYMn7j54Y+SdaanL/muPFGwG70zsjWeqFf8HWjzzvhESXLeAF4KLhuP6nh3QTp7kJw==
x-fb-trace-id
GyU1qR64IDY
date
Mon, 27 Dec 2021 09:44:51 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AWY8zzJrtSmWaumf2MZQNI0
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/ 		21 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
kittenx / KPHP/7.4.109774
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:51 GMT
content-encoding
gzip
x-frontend
front632921
server
kittenx
x-powered-by
KPHP/7.4.109774
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
dk
connect.ok.ru/ 		25 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
me
api-center.kapook.com/v1/market/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
kuid
Origin
https://health.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-type
application/json; charset=UTF-8
content-length
21
vary
Accept-Encoding
access-control-allow-origin
https://health.kapook.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
me
api-center.kapook.com/v1/market/ 		55 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-center.kapook.com/v1/market/me
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept
application/json, text/plain, */*
Kuid
Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://health.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length
79
ic_create.svg
my.kapook.com/signin_2017/svg/ 		630 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/ic_create.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-276"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
630
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:52 GMT
ic_settings.svg
my.kapook.com/signin_2017/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/ic_settings.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-476"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1142
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:52 GMT
sign-out.svg
my.kapook.com/signin_2017/svg/ 		709 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/signin_2017/svg/sign-out.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2c5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
709
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:52 GMT
switch2.svg
my.kapook.com/portal_config_desktop/header/svg/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/switch2.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2f4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
756
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:52 GMT
/
avd.innity.com/dc/ 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=143&cuid=d9006bf1af8db163b28decfd7f7d0c81&cb=1640598291966&douid=&sess=207372294.143.1640598291965&dur=0&ref=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&srf=&pk=&pt=%E0%B8%A1%E0%B8%B0%E0%B8%A1%E0%B9%88%E0%B8%A7%E0%B8%87%E0%B8%AB%E0%B8%B2%E0%B8%A7%20%E0%B8%A1%E0%B8%B0%E0%B8%99%E0%B8%B2%E0%B8%A7%E0%B9%82%E0%B8%AB%E0%B9%88%202%20%E0%B8%AA%E0%B8%A1%E0%B8%B8%E0%B8%99%E0%B9%84%E0%B8%9E%E0%B8%A3%E0%B9%80%E0%B8%94%E0%B9%88%E0%B8%99%20%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B2%E0%B9%82%E0%B8%A3%E0%B8%84%20%E0%B8%9A%E0%B8%B3%E0%B8%A3%E0%B8%B8%E0%B8%87%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%81%E0%B8%B2%E0%B8%A2&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Last-Modified
Mon, 27 Dec 2021 09:44:52 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=d9006bf1af8db163b28decfd7f7d0c81&type=cookie&itmcb=1640598291966
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Last-Modified
Mon, 27 Dec 2021 09:44:52 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8AAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW2Mnc-XDRdORWP5_VsJ3NClQSGVsiyMwZy7uoGuncmUD0MYYL5vFxOJ7qfh1Xc4CDN0SAG3DYZ0QEP2UpBBtmqL14rrVgfEKltiXiUgTJJQJDPpIWiFC6z_eTVEEMQwh186u6HwZvLZ4gb9WoCG4b7Z5qwlQThMThShexEjWUJhuR36QfrrOJdsVNV4qn2uW0O_mSt9p4wvBBc_lkRmTBWu-goJ7MoLnaUO9gmkVjKxqff8qX-cP_VTaRVHbXSmgyqW-YpfirohQNyKPlRk11RAz5S6xOqKDvTw8K0WCkIyh1WwRKMQIvIw34jHxY&sai=AMfl-YQAWv1voDe6zf5v7yhsCRMNNMXWJ6ImF6ndGPqzrWNOk9TU5k8IgZv6aoQ5gW7z5qztNRb_VP3O7ipZmRAROHVcF9blnCZfvzMo201FGlf7HdU-3TwwiCSfa4chBmfy&sig=Cg0ArKJSzK-E_VxtEJzLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 8AAB 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12707
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Mon, 27 Dec 2021 13:16:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AAB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHYwJbv-oE7ig7vliGKc_MkNpXW9fw_SWPZR6JZpS1E9zYnNrJC4OnR0qoACtHuRSObch6xyGDe_6TqJ5-s-IBQW6cBL8M0qRriOErdlMCYRUaQ0JcoIu08xGyunFQSiPAHbKw41Zxkr1qdETEiZ4sNlKBjOtF1rpZim3JEG43zYoZcO-vnDPqs1nWI0-JjFXMJbns_dIiBLfgG3KvfhuhQ9jsg9vwbZ7zU9eheCA0b_XDBJKHF56Bi9_DVWKMRh1GB63jgjgwO8JUuSThfpCFMP5tdsmA6TXV_DzAdKOJBaFQ-g01A0GUrxNJh12w9sqmtA&sai=AMfl-YTNud9kxirYhuXd5zCX3ZHL-mgWOCDtCQp87QZklO4Ka6GWt72-acVMxLgNcKzVBbjG5EqqYDHJUlao47Q1gN7zwrBnZp6m4oRKICQX7Xn1s60bUVq-01dTaUW2rHWs&sig=Cg0ArKJSzDi_pOUxu6_UEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 4BB4 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12707
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Mon, 27 Dec 2021 13:16:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BB4 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A09B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrqDAYSS_jhL52gYQjw8UtW8BVwnMKjeoyrsjsDVzNOR2V1--VExSGAdGJcU9cVSQy1x0GOp9kdq7Uui7Z1VaKByBqKubMUxEqzPexv7oM4Jj2lmA9nmBWcP5KhsSjCTOCQRvUtao5st_QHjNwQnTWCjA5JSxQ2_YkAfVaJaT1qPceSDMT3cruToSO8lU5Fzv9NptB8IPWuecFdt8VqtNDLHYPQOsytMAefuG4F-HrJiNWemnIZTtb22GHV_PupBx2Enf3tskLZFuUfM0SdaPO0wEOCy7zhsDdX1Jb-ubXzLYOaB_84Tb2quo&sai=AMfl-YTAtYZqvQ8CCnC7cbcTuTNT7qoWsgCxWvuY0WeU88fHjyFqa7uSfUoARnXkFy0jm2Lj_so9f7_ZjYtslhv__wMwLyr8dJ20c3sYFMG6GOViGVyBQChlfANXqTlCnAwP&sig=Cg0ArKJSzA1McVzvW48CEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame A09B 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12707
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Mon, 27 Dec 2021 13:16:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A09B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:52 GMT
thumb_4997_573c1b39cbb06.jpg
cms.kapook.com/uploads/tag/6/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.kapook.com/uploads/tag/6/thumb_4997_573c1b39cbb06.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f46f045bf8e5f684df6f39d485fa5d38195a4ca2cafeb13079eccecb95f9c70a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Wed, 18 May 2016 07:35:21 GMT
etag
"4ae0fb-3a83-53318e6628040"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
14979
kp-cache-status
MISS, HIT
expires
Mon, 27 Dec 2021 10:14:52 GMT
thumb_15903_5a0ec12df066e.jpg
cms.kapook.com/uploads/tag/16/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.kapook.com/uploads/tag/16/thumb_15903_5a0ec12df066e.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a4d6b8573820a1dfaadabd529ebaac42e088fb74bd0ed4f4eea3701d1a7ceb9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Fri, 17 Nov 2017 10:59:58 GMT
etag
"4622f2-3b29-55e2ba3302780"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
15145
kp-cache-status
MISS, HIT
expires
Mon, 27 Dec 2021 10:14:52 GMT
thumb_14124_58f5be1fbf477.jpg
cms.kapook.com/uploads/tag/15/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.kapook.com/uploads/tag/15/thumb_14124_58f5be1fbf477.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
3e124e0c85932a70f7c3de5813789f23b47c1e029c84ce046dbbfa05b49ef46f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Tue, 18 Apr 2017 07:19:59 GMT
etag
"1561ed-4846-54d6bbc4485c0"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
18502
kp-cache-status
MISS, HIT
expires
Mon, 27 Dec 2021 10:14:52 GMT
thumb_3745_57a07dc9aeb15.jpg
cms.kapook.com/uploads/tag/4/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.kapook.com/uploads/tag/4/thumb_3745_57a07dc9aeb15.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
cbef1373bb473c63473d1f582fa31c4ee5d03a9bef057091e74877c814c7089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Tue, 02 Aug 2016 11:02:33 GMT
etag
"15017b-24c2-53914a7544440"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
9410
kp-cache-status
MISS, HIT
expires
Mon, 27 Dec 2021 10:14:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB1A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOCNhbpWJlfxJeweYnPDAjqJ681unqkrpeihWgyNTrDk6QY4jwjIalkM4kpXuIr9-zeZRasVt6qiEBc3t9jCFSg6CITW02ctdPne-YEu9DnC-DgIICgot0S34QDGkm8PLugQjRTSiHfDV_jpgn5cu8E6dH3K8oBVq_F7TnTRVt0ec8T37Jb3wPQJi9EMzBj7wZ1JprC2lGbGGwyNwd4GQqGWCOJJqktnShAXvgK5i28QaSYj7mgluDNboK_60PCXJVhCA4d4x41ZRLeB-rVeGbbTzOe7BNTXa3kId-vZKId2z8tm24S_QjeEp6&sai=AMfl-YRMCUZ5_SO0nAFf3CZnXyf57Y5YeIh9lIjtJebs0xLXxQ_tN23a80Ztji0E8pNEFfOnSPuu3hHQw4ey0Z2zjz_2cxWyXt-0dpKvysX3XDy5Lc2Wj-gSoAab-RXXzILF&sig=Cg0ArKJSzMM4ZKKz-FtwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame FB1A 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12707
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Mon, 27 Dec 2021 13:16:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB1A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:52 GMT
container.html
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 24B1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:51 GMT
expires
Tue, 27 Dec 2022 09:44:51 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 10EB 		27 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=449&vw=798&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&cb=1640598291649&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fhealth.kapook.com%252Fview63418.html&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fhealth.kapook.com%252Fview63418.html&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-27%209:44:52&ranreq=0.966415714142373&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.5&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://health.kapook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
1774388-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 4BB4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774388-15.js?&cb=0.6889059848785299&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6931d085849524d8192d6e42936113cabde1c5a238a0f2fd7a5df65236fe9b54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1006
Expires
Wed, 17 Sep 1975 21:32:10 GMT
list
a.giraff.io/rtb/match/ 		310 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.giraff.io/rtb/match/list
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.148 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9f9055f144830dc9e6fb5c5f8a1dfe9f193196bd3370a9acba102200d9a7f3e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://health.kapook.com
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
1774390-2.js
smarttag.rubiconproject.com/a/22392/330930/ Frame A09B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774390-2.js?&cb=0.39814463076499007&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fafccde9bd3adf87fed817163ec5b848c76140e954290078c593b89b637b2c46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1001
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774384-57.js
smarttag.rubiconproject.com/a/22392/330930/ Frame FB1A 		12 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774384-57.js?&cb=0.38626499043017226&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
da36aad67b63ab86318e2f2afe08baebdefa6767b7b7337d7cf86399915217f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
6893
Expires
Wed, 17 Sep 1975 21:32:10 GMT
399294.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399294.js?json=1&async=1&cs=utf-8&rand=0.8993224225303134&num=1&as=&callback=callback776814357624382
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
a8b6a484da0de071b913f546b352898895311833f876aa13734c0ed1d22371ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
1774386-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 8AAB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774386-15.js?&cb=0.6223681528486129&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
bd5b0a4ed2a0791f5cc9eb666cf575c6153491ff522e965910e364fde80f8ab0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1008
Expires
Wed, 17 Sep 1975 21:32:10 GMT
css2
fonts.googleapis.com/ Frame 24B1 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 09:00:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 09:44:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 09:44:52 GMT
css
fonts.googleapis.com/ Frame 6AED 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 08:13:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 09:44:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 09:44:52 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AED 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:43:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:43:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6AED 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:09:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:09:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AED 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:33:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AED 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6AED 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:27:08 GMT
l
www.google.com/ads/measurement/ Frame 6AED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR29nWiNuTKobpO4yaoojtyG-jr4rKO4yd0Kw0zalLBj9SgegC3b4zAk8uMUpkKQP9mz9a0DfF_2CVvNAnx4LYt15JLug
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 6AED 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 09:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 25 Mar 2022 09:57:12 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 24B1 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:37:24 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24B1 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 11:51:44 GMT
x-content-type-options
nosniff
age
251588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 24 Dec 2022 11:51:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24B1 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 07:58:31 GMT
x-content-type-options
nosniff
age
92781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 26 Dec 2022 07:58:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4BB4 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774388-15.js?&cb=0.6889059848785299&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1083 / 375 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
usync.html
eus.rubiconproject.com/ Frame A720 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774388-15.js?&cb=0.6889059848785299&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Dec 2021 09:44:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
1a730489-3de6-435d-89d8-b37a42e399d5
beacon-fra2.rubiconproject.com/beacon/d/ Frame 4BB4 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/1a730489-3de6-435d-89d8-b37a42e399d5?oo=0&accountId=22392&siteId=330930&zoneId=1774388&sizeId=15&e=6A1E40E384DA563B043997ACCBA00868B5F36C98222BB77EBADFEBF167D404E28A91987E5923EE0F8BD62B820A9DBD89172DB22D3B21A9B5BABC32A17AB730039290713A3CDEA412B8EFC21D83CF2A4C63AF685AF18256F39A99469E25461F40693ADFE53A6CE1B3C5ADF88F9ABCF25406ED968E8680843595BCEA9A1A431B34
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:51 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
track
aktrack.pubmatic.com/ Frame 10EB 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1640598292&wa=0&e=95&vc=2
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-length
0
content-type
text/html
track
aktrack.pubmatic.com/ Frame 7940 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1640598291&wa=0&e=96&ier=901
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-length
0
content-type
text/html
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598292341&pp=pubmatic&ev=xpf&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sn=13
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
VykeWTyMSgsXYEuApla6i_LjnjzKwPjJ1AZCiZ_WjIHRZjxItzQv7A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598292342&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=0&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=&sn=14
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
eLxk01FWKOl-4ZEZjHsMFiCpJRssGu3iFkfjkg9N3_4IpB-FNOuGwQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598292343&pp=pubmatic&ev=xpf&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=rCpbfSm9EK7s&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.5%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&auc=kapook_outstream_live&lic=kapook_outstream_desktop&vastid=%5Bunknown%5D&sn=15
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Via
1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
psJOqIfsRE6IbKVBfRU5SIx9G1hv9XON4Gk73rUKKJmshWajmZs6SA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=jR8nixZDqs9X&prid=&ts=1640598292350&pp=pubmatic&ev=xfn&id=rCpbfSm9EK7s&et=View&cid=0&pid=gZRatrhMF2Pe&pet=Session&abd=0&fs=0&sn=16
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-61.fra6.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
c3fCfWrZhNvD46cSzhRxyDx9VIc1bOKj1FZuFCvqQRf8fGA1wX86pw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
directadvert-sync
rtb.com.ru/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/directadvert-sync?uid=942483595
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
/
s.uuidksinc.net/match/246/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/246/?remote_uid=942483595
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
sync.cgi
ssp.adriver.ru/cgi-bin/ 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=942483595
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.gif
stat.media/counter/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.media/counter/sync.gif?system=directadvert&ext_uid=942483595
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.161.36.23 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.sselp1.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
Server
nginx
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
expires
0
/
s.uuidksinc.net/match/618/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/618/?remote_uid=942483595
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
usync.js
eus.rubiconproject.com/ Frame A720 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
748dbfe2db71572c8630493771ecef6bf281f6d536e9eecbff8bc36a11d1286e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30812
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Mon, 27 Dec 2021 18:18:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A09B 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774390-2.js?&cb=0.39814463076499007&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1083 / 277 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
usync.html
eus.rubiconproject.com/ Frame 1256 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774390-2.js?&cb=0.39814463076499007&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Dec 2021 09:44:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
ff9ecb32-1c5b-4acf-a309-3d1837ee33cb
beacon-fra2.rubiconproject.com/beacon/d/ Frame A09B 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/ff9ecb32-1c5b-4acf-a309-3d1837ee33cb?oo=0&accountId=22392&siteId=330930&zoneId=1774390&sizeId=2&e=6A1E40E384DA563BB9A022EA1D7E62936B990443CA3F2CF21D4BA9EBE54609858FB533C68C27D9F6E3EBDE0854695A566D748C0D8D7FAA229DFCB9EBA0C880739290713A3CDEA412B8EFC21D83CF2A4C63AF685AF18256F39A99469E25461F4062270C0ABC47CA00C8E98AB87208168C06ED968E8680843595BCEA9A1A431B34
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 68E0 		261 B
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICT9wIQkdPp3QIYrfz1uwEwAQ&v=APEucNWETasTBf4r-PvT1AZQEXHFkdKm4AgGvs4iu5-LaEyLObkl8-yDuTLrRszH0nVC_IMIZR5irxT8zOwSaGEXTV4Q1CG_VqUHFQVavGosbjdjs9kRN-EBcFPYkAHqqDFS3sMQ7yqcXZLi_qFF-IS_ECGBHRQ2B8pNKMDgMOkliAmu9Y5Owug
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774384-57.js?&cb=0.38626499043017226&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 27 Dec 2021 09:44:52 GMT
server
cafe
cache-control
private
content-length
145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 27 Dec 2021 09:44:52 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FB1A 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdbUWxhu97QnfRRP1U-Jh0ebVmWHBO5zJaFAqybX-w46ETIcaiaWLjNpYcAz_uR6z-SnX4iJRO6tmBnryyZnnWbJbvY0oXMiB_CSOEg3wzDE_oErRGNK44k-E4d1ZbzXlvbjzsUq59xcpqI4af_ApPmkFpTA&dbm_d=AKAmf-DkHtb0T1XCHVB6PvkVtv4EtA5B02BL6JjhQbIbxSDG3zYUipBlNt4hT22VnNO_sjQQmtOD1utvXe_P6aAl1feU3oigxjGd7AkaTMETHd1EX68g9nDV2py79ln9zjwQCWNb-x0-oZNMhAU84v1TXW4jwStJ3hPqMMby1q_03jRqEWOpUdCwlcz8kRDvUFJ1UbY-TA2amGfq1lvGCvnARlU4aeWrZGMwAr24Zh_fPM4imYycpW618uraaMOeCYqmHY-QmzUFBallP1sBN4-j08I_iUJwT-vQXdRyfE_jSkhnhYkMvbBcxf-qHm2UNQB5cn_WrX5f7IsGApTHyTRioEBtxuNSPK1jUkwuKJO6ZRkQNbfZmgzDPZmNH7Oq6mHDfm0-cmmO-zzv-e-Yhwvvh15xkcLuIRbMV5nvfUC0PY_IBzkDeE2gyYMNN3BZn8XlOGKqEFFnEVmpztagqCQJywQ50axS4xJB6X7AOvMicVIgHm7BIk93Sxhxzp6kiWDiUWGx8xvDZHlN6fyWBwwowpyv9Vq8ksau_hNnsRSznlZXecNnYvSMrZHZbl05VQrlk329S_SzIPaQ77X8H6-MHmTzp4Ehb1UOV1wyA8ddsotTxI39ufRNTnr1RBM2FJB_Z3xlWMk1o4ApgA3d_E_pR0MOnHo6xAEXPl4HscihyhV6xyT6UihCJtjAYp4P6NckcS1W45uDG6mBgZK8cdRSwY_5la7VOzTCStVDMZ49dihw59qOx5VU2ccvOcFrzeuCczm5_1leZuvkn4opz0n9sy0xMgJgAKla2m46QT0qRUN8M7Iu-GM5NsKcOHVr8PUaYPuusFf3Z74O6Z4H2UmuHV2rqLrIUF5gleHV5qGuU1WARjgdsYLzEYU3xQGpJYPSjfPc9UUQvmxrFvvTyUrE7NPlQsXFNcoaPY-h3CznzQp5OCsopvqsc_V8Hc1r8YaJohTJqRegGiRuej_Mi5CXBuD1VN0RP6DJMh5uRDJygZJJ--XN30zU8vXow7rTR60mPdMZNmSmx-C2-0H39IDdH8DkZMCYnwgN2YSN_EY3Wko0nUmLco1Y2F_-mXu7Iv76_n6CdIbNEBkrUj6AMWwLgSxjrgmzfQsUuVDhrg7AqVXu9aquwvcBuvX_Gss0dAQgcsYhiaBosRQhZtGjvGLOqkX1zeRDtFvUQ-sc2C7oKU2ji7vrN5f4TQVewV6ubrrUM0fgH_jnkEhIDnYtMGV7y_xiImaYVcX_Aj8KB16lstBfvayddA9HvcLPuDgHP5g30CwsclbPBrrNh5okEYI_0f9vJlvTeuWfasxP0jZfkz7U5MnB7GihWzYNrTolTbrfv56l3RnQib0TPuQD0cZ9T78wB7OCaMiKB32VOJczxKTK9QuydEYzbiIXT2CegRP8hllw2MkzMaYPmD4XO6QE2Utz0JY3WphqW9EQWIOhLdQixBbVNog87mTRTabFTNSe1_DfJUiWrFEYB4ualHUUoOnBg_91WD74llyTIo8y1KyIWB-GNIss89qjpe-wv0xRyGET5sWy_xbWzVjnYx6_brHb-Mxm4ZoVwkx_UTv3pj8YrB6vDd7nlH8TfzZEejh3nvPOzV9zdyzJXmTwt8xs4JsOTLec5_xZjSCM35PL8NKd__DLNGkdrkjCUL_jY1prBS-NDUc2xfo8QW0K7L515ZN1oi0YsF1i7vPLtwuEEAgsSwBK9RwOmoQKRvHTTO0AcRIXauT6IvNSO3JoJJ1FvI-p4-yfJbz6nuGEEUFykgciDT7cWxCqmbSj1hIlp6scTcXUvJ6h3M_jxBSY4KLeKHDiGzGuf40CFw02NLDlrycw8opUxPbOVkRIoNXdDsKhaLsJzoyFkc9EJjRjpmXtCcujOMkjhJy7yPP7YV4my5OCkgub0ydTy3C2sLbERoTDtPk8aILiIkRqwe7GNVvZVOfJS6PFqgB0zxCphxt70HzFTbo2Z13-9ENHpnkdoRtBsBp5J8wO2Hx2OonVIPPExLjyL4bKU6fSM2K4vg5NNlsgxRce_Zv8kYQheNUurbwIloK4I-vZzmrwyGOxwRxTLn8KfyCOhwMEdBHR6IuBEpOajRk4IMlnhWMF_TeLK1_y0tJI6vbH_yX-XORViEji1v0itowMxPWNIc_PCUugw3Qt0VZ2hFC8wnbhDByBdkJqAg0p-7-MGuBMwO06lcHvq7We-94tjmYZTalGDY-3BbFVby8xC5FmZktUs921n8TI6bwAt_bWrQ5vKVs8A5arhdr0QFd6s6oFGiKOuaWf5rt6iEViVLlWaG-1BZrhw6BWSL8H9NWZ8eN8UZmCEjD6hJe0rdENcbpgrs7QFwhyaIzmJM5bbo_QV3ZLDkoYNP15kMmguGm13SXo8psEJIaQx8G_7jSDJ2JgxUr9aKTte2G4TdAPnrv3XjFxYFaOFCo_MQnMEV2BGJsjPfHQm86_RNySjN5tICn-LHEgSLRBAdzSpoLJd73flc_MIXLRvDQ9gqN8JAgCJvFBsRQ534GN054R6bQvSr5_oM4b2STpF49p6OIellY-JtKjWINkMWMbOHnVrdqdfiWxmbmQpHZW8YbiPSyDw-K6G0M6luadBg7sTw2ba5jOf_wb-bJxp7HPHLWCsroZw4DJrB5a0mbjxj-eRrMfFZnYrYd7fE742NnPUF89mirKmQQakVwCK4UhonCNPgWXC9aBPHhyqLsY1s5iW25njuHnIl0zumfUmTCam4MLITfPIOYXCPWxvZc1NEc0jN9hrw9MwF5nEyXGjxcgq6sNChvpo3W0AXVMF9vTCrHX-Eu8aNrD8AyeXRXsmgyy9zdK_LIqDHyaYEAdSrrFxhwRNDeIuj0XPSqtEvbj0irmfUY4L7cvjZ845xb-shKJvgXyV_eSt3G0aTTCG-UdPQhktLKn0ChzU7R6eVj2TntPHsiwSb--Wg3GHwk4ws1sa0mc2UR5Nb401P2tQ7w03-gjSoGn5prr7gAg0etdeoXNW4jn2zFOLurdRgfb7BAlvhcsfmmEWjv-aU5GgCjKLhxOvvNJ3YKCT-N4FqcwJcI2V4cTxC2BMZSv9WSwshJxXi5I-1retQHvYkqB7g7zJqp-TUa_b6cxKAJ1jL8biyWM6yXun1LlIOaqG5xCkKImcPUwqYfzX8s-DQZaY5RdbfJZZXP_SOs96ReFs67Gt6Bw_JU&pr=8:BB0D7E6172DDEEDC&cid=CAASBORobaw&rfl=1%2Chttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html%240
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45fe03612b8b6aeffdf8add339418381176e660f01684b1abf6b742871b5fcc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31561
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB1A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3GTsQFvB1KkK7ZxZ4pMCqKjSaLn9cSd6wTzoMb-SdFMG7ENLlHl2CU3hMO-4WNQ8MkROg26BMBEb9LRcCZjs3eHLdTgdPD72uh7KO7pDoLExUZp0
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774384-57.js?&cb=0.38626499043017226&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
24650a5e-c14d-4bb4-81bb-978b50524047
beacon-fra2.rubiconproject.com/beacon/d/ Frame FB1A 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/24650a5e-c14d-4bb4-81bb-978b50524047?oo=0&accountId=22392&siteId=330930&zoneId=1774384&sizeId=57&e=6A1E40E384DA563BBDF27D8428020548FCECFC35E03D55BFE51796B45C24A509FF9DAB575922316DDD2435535D038887172DB22D3B21A9B564534D51E82007DA9290713A3CDEA412B8EFC21D83CF2A4CFCE5BF940B3FF7E5B968ED6DD63300B20E5BA069DC9408D825DD24D94B4D482D4777F2AE7F51F464F9CE21A0D6769B4506ED968E868084357BDC170DEF70CC5C719B755F0741FCC4CA9B6500717D108099C192D1CE19B8E1DDDC4E2A919FB9800977393059D1C05F
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774384-57.js?&cb=0.38626499043017226&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 4BB4 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8AAB 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774386-15.js?&cb=0.6223681528486129&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1083 / 594 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
usync.html
eus.rubiconproject.com/ Frame 7CEC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774386-15.js?&cb=0.6223681528486129&tk_st=1&rf=https%3A//health.kapook.com/view63418.html&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Dec 2021 09:44:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
fb824cb4-8f9a-4a95-a835-353cbdea0a3e
beacon-fra2.rubiconproject.com/beacon/d/ Frame 8AAB 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/fb824cb4-8f9a-4a95-a835-353cbdea0a3e?oo=0&accountId=22392&siteId=330930&zoneId=1774386&sizeId=15&e=6A1E40E384DA563B079A04227F4064EC36A66C8E8A12937B62172FC9E7F7DAC7A80ACB106B5F15BC5EF0BDD898ED3E726D748C0D8D7FAA229DFCB9EBA0C880739290713A3CDEA412B8EFC21D83CF2A4C63AF685AF18256F39A99469E25461F4077CC4A40C7ADBBC2B54465D9008CE22606ED968E8680843595BCEA9A1A431B34
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:51 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1256 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
748dbfe2db71572c8630493771ecef6bf281f6d536e9eecbff8bc36a11d1286e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30812
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Mon, 27 Dec 2021 18:18:24 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 667A 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 27 Dec 2021 09:04:52 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame 7CEC 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
748dbfe2db71572c8630493771ecef6bf281f6d536e9eecbff8bc36a11d1286e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30812
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Mon, 27 Dec 2021 18:18:24 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame A09B 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
csi
csi.gstatic.com/ Frame 7940 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kxohv3fu&c=6592157207638&slotId=3296078603819&fb=ima_html5-lima&sdkv=h.3.493.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=9&aab=1&itv=1&met.4=err.kxohv42h&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.493.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 8AAB 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Dec 2021 09:44:52 GMT
truncated
/ Frame 8AAB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9b621f415957783fc1b0594efd18ac4940d034e26c9352a775e45a30b08d78f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A09B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86231dfad56fd7beb3a0640b4bf4ade8310458c8b3d58252ce9a0fcf20cc9578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4BB4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84b8e1438b8f489d081d2996d1eaf17818e009e6b93c95a70460b1a476bf4611

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
tap.php
pixel.rubiconproject.com/ Frame A720
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENF7h1tz1GFi_rGLyy8f6Og&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENF7h1tz1GFi_rGLyy8f6Og&google_cver=1
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENF7h1tz1GFi_rGLyy8f6Og&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame A720 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame A720 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame A720
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YBWS18XlwUpeYle19K5nzw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1444798816364433609
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1444798816364433609
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Mon, 27 Dec 2021 09:44:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1444798816364433609
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame A720
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=247f61c9-8b13-4700-8ff2-fb250daebef3&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=247f61c9-8b13-4700-8ff2-fb250daebef3&expires=28
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Server
MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=247f61c9-8b13-4700-8ff2-fb250daebef3&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Dec 2021 09:44:51 GMT
pixel
cm.g.doubleclick.net/ Frame A720
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPSFY0MEotVy1GQTBY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPSFY0MEotVy1GQTBY
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPSFY0MEotVy1GQTBY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A720
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcmLEwABBZ0vgwAF
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcmLEwABBZ0vgwAF
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1640598293.587623,VS0,VE0
x-served-by
cache-hhn4044-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YcmLEwABBZ0vgwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame A720
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXOHV40J-W-FA0X&sigv=1&esig=2~011325ddc706d5d42f42325b2c83d1b636f2bdd6
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXOHV40J-W-FA0X&sigv=1&esig=2~011325ddc706d5d42f42325b2c83d1b636f2bdd6
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KXOHV40J-W-FA0X&sigv=1&esig=2~011325ddc706d5d42f42325b2c83d1b636f2bdd6
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
integrator.js
adservice.google.de/adsid/ Frame 4BB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4BB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4BB4 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3053776919855962&correlator=1552801209161067&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=16357739%2CHealth_300_2_PC&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&prev_scp=passback%3Dmagnite&cookie=ID%3D8e9e60030b5ae022-2263f63c10cd00d2%3AT%3D1640598291%3AS%3DALNI_Mau4msyk6vJmXaRpGvtMpeB3lNapg&cdm=health.kapook.com&bc=31&abxe=1&lmt=1640598292&dt=1640598292595&dlt=1640598292108&idt=479&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=979&adks=1439381921&ucis=fvgj6h7tzuwv&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&top=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1043213445.1640598291&ga_sid=1640598293&ga_hid=2074447178&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8defc86783fa4e9cbd954bfb8ad2c14583cc5b4cb271b6616a16c7a7491c79ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7798
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66D3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:52 GMT
expires
Tue, 27 Dec 2022 09:44:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
621.json
id5-sync.com/g/v2/ 		213 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/621.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
20bc0b78bc2101c3249cebba7cec22169d5d3aaa382de111a7db4ba807bb88b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://health.kapook.com
Date
Mon, 27 Dec 2021 09:44:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		44 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://health.kapook.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1c48fe07be0bfc19f65b14fe76c920973385e52f7f797ab02abf7710c01f3b43

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache
x-server
10.45.12.208
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f22e58c109f7df8402516d01d9280e8aa35f421b99140ee07b944290458cf604

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://health.kapook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 26 Jan 2022 09:44:52 GMT
html_obb_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FB1A 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
406b4457b753e6582999535eb520f2e7994a3dacab6b1650fe4c99010f46597a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.kapook.com/
Origin
https://health.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 20:07:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60223
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Dec 2021 20:07:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame FB1A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdbUWxhu97QnfRRP1U-Jh0ebVmWHBO5zJaFAqybX-w46ETIcaiaWLjNpYcAz_uR6z-SnX4iJRO6tmBnryyZnnWbJbvY0oXMiB_CSOEg3wzDE_oErRGNK44k-E4d1ZbzXlvbjzsUq59xcpqI4af_ApPmkFpTA&dbm_d=AKAmf-DkHtb0T1XCHVB6PvkVtv4EtA5B02BL6JjhQbIbxSDG3zYUipBlNt4hT22VnNO_sjQQmtOD1utvXe_P6aAl1feU3oigxjGd7AkaTMETHd1EX68g9nDV2py79ln9zjwQCWNb-x0-oZNMhAU84v1TXW4jwStJ3hPqMMby1q_03jRqEWOpUdCwlcz8kRDvUFJ1UbY-TA2amGfq1lvGCvnARlU4aeWrZGMwAr24Zh_fPM4imYycpW618uraaMOeCYqmHY-QmzUFBallP1sBN4-j08I_iUJwT-vQXdRyfE_jSkhnhYkMvbBcxf-qHm2UNQB5cn_WrX5f7IsGApTHyTRioEBtxuNSPK1jUkwuKJO6ZRkQNbfZmgzDPZmNH7Oq6mHDfm0-cmmO-zzv-e-Yhwvvh15xkcLuIRbMV5nvfUC0PY_IBzkDeE2gyYMNN3BZn8XlOGKqEFFnEVmpztagqCQJywQ50axS4xJB6X7AOvMicVIgHm7BIk93Sxhxzp6kiWDiUWGx8xvDZHlN6fyWBwwowpyv9Vq8ksau_hNnsRSznlZXecNnYvSMrZHZbl05VQrlk329S_SzIPaQ77X8H6-MHmTzp4Ehb1UOV1wyA8ddsotTxI39ufRNTnr1RBM2FJB_Z3xlWMk1o4ApgA3d_E_pR0MOnHo6xAEXPl4HscihyhV6xyT6UihCJtjAYp4P6NckcS1W45uDG6mBgZK8cdRSwY_5la7VOzTCStVDMZ49dihw59qOx5VU2ccvOcFrzeuCczm5_1leZuvkn4opz0n9sy0xMgJgAKla2m46QT0qRUN8M7Iu-GM5NsKcOHVr8PUaYPuusFf3Z74O6Z4H2UmuHV2rqLrIUF5gleHV5qGuU1WARjgdsYLzEYU3xQGpJYPSjfPc9UUQvmxrFvvTyUrE7NPlQsXFNcoaPY-h3CznzQp5OCsopvqsc_V8Hc1r8YaJohTJqRegGiRuej_Mi5CXBuD1VN0RP6DJMh5uRDJygZJJ--XN30zU8vXow7rTR60mPdMZNmSmx-C2-0H39IDdH8DkZMCYnwgN2YSN_EY3Wko0nUmLco1Y2F_-mXu7Iv76_n6CdIbNEBkrUj6AMWwLgSxjrgmzfQsUuVDhrg7AqVXu9aquwvcBuvX_Gss0dAQgcsYhiaBosRQhZtGjvGLOqkX1zeRDtFvUQ-sc2C7oKU2ji7vrN5f4TQVewV6ubrrUM0fgH_jnkEhIDnYtMGV7y_xiImaYVcX_Aj8KB16lstBfvayddA9HvcLPuDgHP5g30CwsclbPBrrNh5okEYI_0f9vJlvTeuWfasxP0jZfkz7U5MnB7GihWzYNrTolTbrfv56l3RnQib0TPuQD0cZ9T78wB7OCaMiKB32VOJczxKTK9QuydEYzbiIXT2CegRP8hllw2MkzMaYPmD4XO6QE2Utz0JY3WphqW9EQWIOhLdQixBbVNog87mTRTabFTNSe1_DfJUiWrFEYB4ualHUUoOnBg_91WD74llyTIo8y1KyIWB-GNIss89qjpe-wv0xRyGET5sWy_xbWzVjnYx6_brHb-Mxm4ZoVwkx_UTv3pj8YrB6vDd7nlH8TfzZEejh3nvPOzV9zdyzJXmTwt8xs4JsOTLec5_xZjSCM35PL8NKd__DLNGkdrkjCUL_jY1prBS-NDUc2xfo8QW0K7L515ZN1oi0YsF1i7vPLtwuEEAgsSwBK9RwOmoQKRvHTTO0AcRIXauT6IvNSO3JoJJ1FvI-p4-yfJbz6nuGEEUFykgciDT7cWxCqmbSj1hIlp6scTcXUvJ6h3M_jxBSY4KLeKHDiGzGuf40CFw02NLDlrycw8opUxPbOVkRIoNXdDsKhaLsJzoyFkc9EJjRjpmXtCcujOMkjhJy7yPP7YV4my5OCkgub0ydTy3C2sLbERoTDtPk8aILiIkRqwe7GNVvZVOfJS6PFqgB0zxCphxt70HzFTbo2Z13-9ENHpnkdoRtBsBp5J8wO2Hx2OonVIPPExLjyL4bKU6fSM2K4vg5NNlsgxRce_Zv8kYQheNUurbwIloK4I-vZzmrwyGOxwRxTLn8KfyCOhwMEdBHR6IuBEpOajRk4IMlnhWMF_TeLK1_y0tJI6vbH_yX-XORViEji1v0itowMxPWNIc_PCUugw3Qt0VZ2hFC8wnbhDByBdkJqAg0p-7-MGuBMwO06lcHvq7We-94tjmYZTalGDY-3BbFVby8xC5FmZktUs921n8TI6bwAt_bWrQ5vKVs8A5arhdr0QFd6s6oFGiKOuaWf5rt6iEViVLlWaG-1BZrhw6BWSL8H9NWZ8eN8UZmCEjD6hJe0rdENcbpgrs7QFwhyaIzmJM5bbo_QV3ZLDkoYNP15kMmguGm13SXo8psEJIaQx8G_7jSDJ2JgxUr9aKTte2G4TdAPnrv3XjFxYFaOFCo_MQnMEV2BGJsjPfHQm86_RNySjN5tICn-LHEgSLRBAdzSpoLJd73flc_MIXLRvDQ9gqN8JAgCJvFBsRQ534GN054R6bQvSr5_oM4b2STpF49p6OIellY-JtKjWINkMWMbOHnVrdqdfiWxmbmQpHZW8YbiPSyDw-K6G0M6luadBg7sTw2ba5jOf_wb-bJxp7HPHLWCsroZw4DJrB5a0mbjxj-eRrMfFZnYrYd7fE742NnPUF89mirKmQQakVwCK4UhonCNPgWXC9aBPHhyqLsY1s5iW25njuHnIl0zumfUmTCam4MLITfPIOYXCPWxvZc1NEc0jN9hrw9MwF5nEyXGjxcgq6sNChvpo3W0AXVMF9vTCrHX-Eu8aNrD8AyeXRXsmgyy9zdK_LIqDHyaYEAdSrrFxhwRNDeIuj0XPSqtEvbj0irmfUY4L7cvjZ845xb-shKJvgXyV_eSt3G0aTTCG-UdPQhktLKn0ChzU7R6eVj2TntPHsiwSb--Wg3GHwk4ws1sa0mc2UR5Nb401P2tQ7w03-gjSoGn5prr7gAg0etdeoXNW4jn2zFOLurdRgfb7BAlvhcsfmmEWjv-aU5GgCjKLhxOvvNJ3YKCT-N4FqcwJcI2V4cTxC2BMZSv9WSwshJxXi5I-1retQHvYkqB7g7zJqp-TUa_b6cxKAJ1jL8biyWM6yXun1LlIOaqG5xCkKImcPUwqYfzX8s-DQZaY5RdbfJZZXP_SOs96ReFs67Gt6Bw_JU&pr=8:BB0D7E6172DDEEDC&cid=CAASBORobaw&rfl=1%2Chttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:41:49 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame FB1A 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BdbUWxhu97QnfRRP1U-Jh0ebVmWHBO5zJaFAqybX-w46ETIcaiaWLjNpYcAz_uR6z-SnX4iJRO6tmBnryyZnnWbJbvY0oXMiB_CSOEg3wzDE_oErRGNK44k-E4d1ZbzXlvbjzsUq59xcpqI4af_ApPmkFpTA&dbm_d=AKAmf-DkHtb0T1XCHVB6PvkVtv4EtA5B02BL6JjhQbIbxSDG3zYUipBlNt4hT22VnNO_sjQQmtOD1utvXe_P6aAl1feU3oigxjGd7AkaTMETHd1EX68g9nDV2py79ln9zjwQCWNb-x0-oZNMhAU84v1TXW4jwStJ3hPqMMby1q_03jRqEWOpUdCwlcz8kRDvUFJ1UbY-TA2amGfq1lvGCvnARlU4aeWrZGMwAr24Zh_fPM4imYycpW618uraaMOeCYqmHY-QmzUFBallP1sBN4-j08I_iUJwT-vQXdRyfE_jSkhnhYkMvbBcxf-qHm2UNQB5cn_WrX5f7IsGApTHyTRioEBtxuNSPK1jUkwuKJO6ZRkQNbfZmgzDPZmNH7Oq6mHDfm0-cmmO-zzv-e-Yhwvvh15xkcLuIRbMV5nvfUC0PY_IBzkDeE2gyYMNN3BZn8XlOGKqEFFnEVmpztagqCQJywQ50axS4xJB6X7AOvMicVIgHm7BIk93Sxhxzp6kiWDiUWGx8xvDZHlN6fyWBwwowpyv9Vq8ksau_hNnsRSznlZXecNnYvSMrZHZbl05VQrlk329S_SzIPaQ77X8H6-MHmTzp4Ehb1UOV1wyA8ddsotTxI39ufRNTnr1RBM2FJB_Z3xlWMk1o4ApgA3d_E_pR0MOnHo6xAEXPl4HscihyhV6xyT6UihCJtjAYp4P6NckcS1W45uDG6mBgZK8cdRSwY_5la7VOzTCStVDMZ49dihw59qOx5VU2ccvOcFrzeuCczm5_1leZuvkn4opz0n9sy0xMgJgAKla2m46QT0qRUN8M7Iu-GM5NsKcOHVr8PUaYPuusFf3Z74O6Z4H2UmuHV2rqLrIUF5gleHV5qGuU1WARjgdsYLzEYU3xQGpJYPSjfPc9UUQvmxrFvvTyUrE7NPlQsXFNcoaPY-h3CznzQp5OCsopvqsc_V8Hc1r8YaJohTJqRegGiRuej_Mi5CXBuD1VN0RP6DJMh5uRDJygZJJ--XN30zU8vXow7rTR60mPdMZNmSmx-C2-0H39IDdH8DkZMCYnwgN2YSN_EY3Wko0nUmLco1Y2F_-mXu7Iv76_n6CdIbNEBkrUj6AMWwLgSxjrgmzfQsUuVDhrg7AqVXu9aquwvcBuvX_Gss0dAQgcsYhiaBosRQhZtGjvGLOqkX1zeRDtFvUQ-sc2C7oKU2ji7vrN5f4TQVewV6ubrrUM0fgH_jnkEhIDnYtMGV7y_xiImaYVcX_Aj8KB16lstBfvayddA9HvcLPuDgHP5g30CwsclbPBrrNh5okEYI_0f9vJlvTeuWfasxP0jZfkz7U5MnB7GihWzYNrTolTbrfv56l3RnQib0TPuQD0cZ9T78wB7OCaMiKB32VOJczxKTK9QuydEYzbiIXT2CegRP8hllw2MkzMaYPmD4XO6QE2Utz0JY3WphqW9EQWIOhLdQixBbVNog87mTRTabFTNSe1_DfJUiWrFEYB4ualHUUoOnBg_91WD74llyTIo8y1KyIWB-GNIss89qjpe-wv0xRyGET5sWy_xbWzVjnYx6_brHb-Mxm4ZoVwkx_UTv3pj8YrB6vDd7nlH8TfzZEejh3nvPOzV9zdyzJXmTwt8xs4JsOTLec5_xZjSCM35PL8NKd__DLNGkdrkjCUL_jY1prBS-NDUc2xfo8QW0K7L515ZN1oi0YsF1i7vPLtwuEEAgsSwBK9RwOmoQKRvHTTO0AcRIXauT6IvNSO3JoJJ1FvI-p4-yfJbz6nuGEEUFykgciDT7cWxCqmbSj1hIlp6scTcXUvJ6h3M_jxBSY4KLeKHDiGzGuf40CFw02NLDlrycw8opUxPbOVkRIoNXdDsKhaLsJzoyFkc9EJjRjpmXtCcujOMkjhJy7yPP7YV4my5OCkgub0ydTy3C2sLbERoTDtPk8aILiIkRqwe7GNVvZVOfJS6PFqgB0zxCphxt70HzFTbo2Z13-9ENHpnkdoRtBsBp5J8wO2Hx2OonVIPPExLjyL4bKU6fSM2K4vg5NNlsgxRce_Zv8kYQheNUurbwIloK4I-vZzmrwyGOxwRxTLn8KfyCOhwMEdBHR6IuBEpOajRk4IMlnhWMF_TeLK1_y0tJI6vbH_yX-XORViEji1v0itowMxPWNIc_PCUugw3Qt0VZ2hFC8wnbhDByBdkJqAg0p-7-MGuBMwO06lcHvq7We-94tjmYZTalGDY-3BbFVby8xC5FmZktUs921n8TI6bwAt_bWrQ5vKVs8A5arhdr0QFd6s6oFGiKOuaWf5rt6iEViVLlWaG-1BZrhw6BWSL8H9NWZ8eN8UZmCEjD6hJe0rdENcbpgrs7QFwhyaIzmJM5bbo_QV3ZLDkoYNP15kMmguGm13SXo8psEJIaQx8G_7jSDJ2JgxUr9aKTte2G4TdAPnrv3XjFxYFaOFCo_MQnMEV2BGJsjPfHQm86_RNySjN5tICn-LHEgSLRBAdzSpoLJd73flc_MIXLRvDQ9gqN8JAgCJvFBsRQ534GN054R6bQvSr5_oM4b2STpF49p6OIellY-JtKjWINkMWMbOHnVrdqdfiWxmbmQpHZW8YbiPSyDw-K6G0M6luadBg7sTw2ba5jOf_wb-bJxp7HPHLWCsroZw4DJrB5a0mbjxj-eRrMfFZnYrYd7fE742NnPUF89mirKmQQakVwCK4UhonCNPgWXC9aBPHhyqLsY1s5iW25njuHnIl0zumfUmTCam4MLITfPIOYXCPWxvZc1NEc0jN9hrw9MwF5nEyXGjxcgq6sNChvpo3W0AXVMF9vTCrHX-Eu8aNrD8AyeXRXsmgyy9zdK_LIqDHyaYEAdSrrFxhwRNDeIuj0XPSqtEvbj0irmfUY4L7cvjZ845xb-shKJvgXyV_eSt3G0aTTCG-UdPQhktLKn0ChzU7R6eVj2TntPHsiwSb--Wg3GHwk4ws1sa0mc2UR5Nb401P2tQ7w03-gjSoGn5prr7gAg0etdeoXNW4jn2zFOLurdRgfb7BAlvhcsfmmEWjv-aU5GgCjKLhxOvvNJ3YKCT-N4FqcwJcI2V4cTxC2BMZSv9WSwshJxXi5I-1retQHvYkqB7g7zJqp-TUa_b6cxKAJ1jL8biyWM6yXun1LlIOaqG5xCkKImcPUwqYfzX8s-DQZaY5RdbfJZZXP_SOs96ReFs67Gt6Bw_JU&pr=8:BB0D7E6172DDEEDC&cid=CAASBORobaw&rfl=1%2Chttps%253A%252F%252Fhealth.kapook.com%252Fview63418.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:44:21 GMT
m
ad.yieldlab.net/ Frame 68E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJsE744te_IoOE9GSuYxyA8&google_cver=1
0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJsE744te_IoOE9GSuYxyA8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICT9wIQkdPp3QIYrfz1uwEwAQ&v=APEucNWETasTBf4r-PvT1AZQEXHFkdKm4AgGvs4iu5-LaEyLObkl8-yDuTLrRszH0nVC_IMIZR5irxT8zOwSaGEXTV4Q1CG_VqUHFQVavGosbjdjs9kRN-EBcFPYkAHqqDFS3sMQ7yqcXZLi_qFF-IS_ECGBHRQ2B8pNKMDgMOkliAmu9Y5Owug
Protocol
HTTP/1.1
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 26 Dec 2021 09:44:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJsE744te_IoOE9GSuYxyA8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 68E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEN3FxXX2SN8c9ayx7BW9teQ&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEN3FxXX2SN8c9ayx7BW9teQ&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICT9wIQkdPp3QIYrfz1uwEwAQ&v=APEucNWETasTBf4r-PvT1AZQEXHFkdKm4AgGvs4iu5-LaEyLObkl8-yDuTLrRszH0nVC_IMIZR5irxT8zOwSaGEXTV4Q1CG_VqUHFQVavGosbjdjs9kRN-EBcFPYkAHqqDFS3sMQ7yqcXZLi_qFF-IS_ECGBHRQ2B8pNKMDgMOkliAmu9Y5Owug
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
last-modified
Wed, 10 Apr 2019 10:06:26 GMT
server
nginx
accept-ranges
bytes
etag
"5cadc022-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEN3FxXX2SN8c9ayx7BW9teQ&google_cver=1&adform_v=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame A09B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A09B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A09B 		26 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1764987535653635&correlator=2362373344489546&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=16357739%2Chealth728pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C1x1&prev_scp=passback%3Dmagnite&cookie=ID%3D8e9e60030b5ae022-2263f63c10cd00d2%3AT%3D1640598291%3AS%3DALNI_Mau4msyk6vJmXaRpGvtMpeB3lNapg&cdm=health.kapook.com&bc=31&abxe=1&lmt=1640598292&dt=1640598292632&dlt=1640598292112&idt=515&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=4944&adks=3162787727&ucis=jsqflvgfirjx&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&top=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1043213445.1640598291&ga_sid=1640598293&ga_hid=770923504&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7f6405da484a5faee7b9844a2abc336caf99a61ceef031b46e6903610937351e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13478
x-xss-protection
0
google-lineitem-id
5410249604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315487331
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C1E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:52 GMT
expires
Tue, 27 Dec 2022 09:44:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 8AAB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8AAB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=health.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8AAB 		27 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1192596233980482&correlator=435587372190376&output=ldjh&impl=fif&eid=31063898&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=16357739%2Chealth300pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C1x1%7C336x280&prev_scp=passback%3Dmagnite&cookie=ID%3D8e9e60030b5ae022-2263f63c10cd00d2%3AT%3D1640598291%3AS%3DALNI_Mau4msyk6vJmXaRpGvtMpeB3lNapg&cdm=health.kapook.com&bc=31&abxe=1&lmt=1640598292&dt=1640598292646&dlt=1640598292101&idt=539&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=651&adks=765368083&ucis=rhw97stuvgmf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&top=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1043213445.1640598291&ga_sid=1640598293&ga_hid=2125209140&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9e0418788b8f67e1013ab645fbdf2546c1c423ca563d9cc0dbf5e080feea4761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13704
x-xss-protection
0
google-lineitem-id
5409938773
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522807
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB74 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:52 GMT
expires
Tue, 27 Dec 2022 09:44:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 667A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
URL: https://af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 27 Dec 2021 09:44:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 27 Dec 2021 09:44:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 27 Dec 2021 09:44:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB1A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334195
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:54:57 GMT
usync.html
eus.rubiconproject.com/ Frame FF28 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Dec 2021 09:44:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame FB1A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvad0b5Hr1sWiO4VheNC9d81rFOvcqx5z1xIYW_HUlKmjorD87gY71eoIU_LCzrfUQWrqUoC2MLlQ70bO9NBkrkwLdOhxMaFlCNkG4j6AhcFnNt_Lr8p4Yc53JSJvIH7sWzHqCo9-9X14apgEJla-d5ZoPxcckiTocaVOv6WIqlgRMvMFRiZk9DVxeepCOfMJIg8w-qvIKPh2KE6GFwyVlhSqRpEYr1VSqlHL7oyRGK5Sm1qeWEXWERaNytVGJmtR9FNr0zI68PAszKS3CuYWhX722UiQiPpp1gb2xEuQRYqnnFxw9JwOKH5_XYV1M&sai=AMfl-YTY4Xnn3-GqFYNzty_EoOe9Uxr0AeLO1v3TFJPqZPymoptFkkbSH5briL9Fn8EEjEtXtpQMimmeU6LVZsTXJjuJZRWeJq8CwIi16Hlg-g9_yO7RrPobNJg6rqIEC1Q-&sig=Cg0ArKJSzMUiVAer7aO4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 27 Dec 2021 09:44:52 GMT
truncated
/ Frame FB1A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bea7b487fff4ed5887e53d5ff146cfb342dc144025338e77a92d4105906ea3a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame FF28 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
748dbfe2db71572c8630493771ecef6bf281f6d536e9eecbff8bc36a11d1286e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 27 Dec 2021 09:44:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30812
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9701
Expires
Mon, 27 Dec 2021 18:18:24 GMT
399296.js
a.th.giraff.io/data/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399296.js?json=1&async=1&cs=utf-8&rand=0.5963189611025619&num=2&as=&nodupes=1&callback=callback784677183778554
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
00fcdea81e1a3414c3d33d869bde8a16a3701e8b3587fcfebf473753daacf14d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
view
securepubads.g.doubleclick.net/pcs/ Frame 4BB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZLf7PSfN_rc-lR-Ws5Bjqn26SxCjRkQkB63CSS6EoNB541gM1lPxZJuPmzsgXu2EqJlmbbKzooRA4Q-njWVq7REz6WbKYx4SoIMTMCUZYEfJesC1XWM8VbgGWZlQRDa3kL4AptTlQMzxHb5kioQoSHRbXLecbJO_Z-_Ka_l6pSOV6dPkWTHpcDrsBwqZmXfTpaieKNAijoESHCF1KZ3oDF6Pm7h-fNDkh1XqrJd6gUVbU8rhNlvPXnYeOhJ547w-XtaJ0lsGHdpzEa5xeLI7hSO7UerH0Irvt06YS3IsQruqkl7DA3lJeJHx6OucauHJ7IjJR&sai=AMfl-YSwOrYJwPBZ-b5KE6eHCzR7U4HyOOtyyrwkF3YmoWjmfTvsiYgWuCDAHUHvww6L08w8YP2Gcnhp4Tansq-ytgvTu5DKB8Y98h2A5ysUoJS2jZpWgiRMTUfLzvCacz-l&sig=Cg0ArKJSzLrhPfvGF5DHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 27 Dec 2021 09:44:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4BB4 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
242590be73558b8c7d598891c9616b9ee13c00bf9e79e55e087e986699688e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8551
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A09B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaTR4plrrh03j82pHyI1kmqsfTIGjTSu8wAeiB8ib8FP2kUIOvfPwZiHy9aiss2g8u9-Z2emASqnRr6utupuVclVGe7ycP4DYU5vhG6eOzV5RSoF5K6f-5BL1UYM0LCgECVEvMREzAP85lUHFt_0CGKFqX5FS899VdZa5-iMK5qnoVgsJEqVgkkrCZjkIPrDNPTTIe65Uh6QCoYi_JiYeOya5hQ9HMjeqL_jDvdQOyulg8Z5i_twwyBSItGY1F8TEKMjMxsx_snioZmW3eOAwhl98B45X6Ni6s-GTa2-SUQrXztb1QyAyy5GcKFQ&sai=AMfl-YR7v75SdyFFMvauVOzxNlRnU22OTh8e8gPxj0LtGGU5Y5AGaX7AWvUI3iYemXp8peOdCOGGz5o2J0HrlFMf_THSplaSwW0tKX-2iH3DlBi-7vcKnna5pMLQ4zavfQgW&sig=Cg0ArKJSzG5Hb4ZrpMyCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 27 Dec 2021 09:44:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A09B 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3970967ddb7c833ecc807ef6c36c738ec3d2ad1a8acb2a4f020ad7ac4d9fe89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8475
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8AAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutLj_76y8xvW16nTBD6Q9kMn5fZ7JoXS88-yNa0np2ashwAF8-Ovi26lrmRO6qmGPeXp6KaqOSY_NuKEtoQdvVjFavY4eX533YCLGbw4pyVNnReUDq8GAeX-ssfRHAyl-Zp5uLdfT-yj6THteMPUOPNR69h1blC8SjcYolGI_6Xmm8Tv9x8hWh2Qsy-9PEssGGy-fiSBYPjUenfy9wVSVUTmukLjzsLp9mP1ddwfpUdX2sEIyNEmrSh92pnKkF0lErDbdpk8EeMn-wWwKaTVW3s5dmoPq-hGljCvC8TBr-libqIvePouCXtalLi1e1LsM&sai=AMfl-YQ8nOtayzR-9ssdbnV9ayJNbPzO9XoyWCGR8bsaGGc1WXmbvrzixPJFDAWdywoieUEqtlB0X8zW_hjaf6YyQ1ZmAQIkyN4ajw1JgRVvJT_yADFpSQh33d_Az8av22Vi&sig=Cg0ArKJSzKUajrKgNJrmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 27 Dec 2021 09:44:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8AAB 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05b0bd352920171fb7cefb5bea7991c3733ab1e673f0e5366a4c593c0e7937c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8482
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB1A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:53 GMT
index.html
s0.2mdn.net/sadbundle/9968920053668752910/ Frame 3600 		115 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2856fd01fd3cbf247af5a144c7fe3101aa736f03f969b8c3a28114ab86a2c350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:52 GMT
expires
Tue, 27 Dec 2022 09:44:52 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 25 Nov 2021 15:07:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FB1A 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJsGDAeXJWwHsN6xiiEn1EQGcRyWtfxLadn4wRQkvcoslZHJpP23lVtl5KuE00c3ZWsU_8jlVdUyrK_ysjVrqIAU-1ZZeN4lWC9t1I-H2thn-Y8G7fTfux03b5ZCmJY5UAhl306d8VTtRrXyrJs2Q-_70bpiJUcnV4osliTwThqAck_-sipZDoirGW80-ja2nTk9WLLABbcBEodUe8NJfcu8LbT8U4DtpeGng-0z50PkCh_skQuXBnAogs6RbLwW3OJnUqLh8lq9GH9rf8CiXFhs3u5cQ5QetSgjNGc-J41d3LtTlLX5HgGpG4FfCNEBA6HNs19YrQ-0bj6yo8d0XI-pshHVkwHcv5o1Z4RPwHLTFHFYGWmJ97StdYYKcj5_QflHfdk1JWdpBIm587Q0pN-tkIx9Sasotem8x6wNeM1V1J1EkBlk664aFJdkkjEr-oLok6Bm0UMUZKVkpCIDVE42_j3TcCeAdPwqCfSVsiCr7ZudG4sY12CANOcsGLFmXDduA6gAgNZBhhCQ_YS7unsvtmTbDu4n_Jw-AXQda64P7bfoayHez7sLIHyO87MltF3ZByz-fy4BZtliebqqj2enmJ8hL4WKIyQjSqmddW1gFguXRKOEkEW1xWi3yeKsnckAISQuPKjFt4JIs024eQg5AGsqfA_osLGkW5orFSBAoDiZTbTTM8zotG67mQ4J_m40_jBMlWzr1Alvn3njatItDjqAgJc1mAb0qbw9Gqh0xVjDUPBhZHxYDRdCJa8qEMmo-OMua7PjQ55iZLwVUPrGjIt-6uWGDScLq5l_lFlooM0ZI0SJs-Q0q0DOy5eSgFQHYVs_lHwcOfv0uAb3LoM3zUOG9B07C9lMmIEbO_HsCBmlhpwEZyzwfxz5zrk3mAfuNcuqAjGvLLvsmU9C4ba3pd7DqpQJoPBSaqQ0OxGHdHqpX5h_YmZX5WBlEGtQm4dV2T6JEdC_mRTv-Rp2lQPIK6KQWVG-gpxh-Sk8WNoPIn46DLEIUuyUCogauOTSP1R6n5HYcbk3tCmPkqLKQe5DV0qZsIwgBhmM-dZf1LZnrcX5ZaDgR7JRCUPQwd40P5Ej4RqUd6ezPyKzaL-gzwqYfhbht8_gTGz49mo5xSduhx93RF6rmcVry3-eDde9dAJODVDPJZ8o6RHyukI0NcicpZ7LYWK7ApHPxXIiwoKHKCJpoASwZhAUaz8--VsRifay2yt6yFQ9I4LE8UtT7kMp12qEJ3RVvpn0yiLS6einok-7Rg&sai=AMfl-YRR0QFxqxLUMF7X2wyJOfZKt-Cbcr_PAPqHO9U3QIO4AZQrK_SPoIufDP2O5Hy_ORVVbWW3SQh1vifR29vV5wXw1O-MHr4GFGu5p9c8oY5t_tBfAQm6SwvCoNz-ds1IQkU4&sig=Cg0ArKJSzOYEjjsAvvMEEAE&uach_m=[UACH]&pr=8:BB0D7E6172DDEEDC&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=165&cisv=r20211207.77249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 27 Dec 2021 09:44:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4CCC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Dec 2021 09:32:15 GMT
expires
Tue, 27 Dec 2022 09:32:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 3600 		10 KB
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600,700,300,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Dec 2021 09:44:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Dec 2021 09:44:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Dec 2021 09:44:52 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3600 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 15:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Dec 2021 15:50:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4BB4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:52 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 4CCC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A09B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8AAB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:52 GMT
container.html
05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F52C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Dec 2021 09:44:52 GMT
expires
Tue, 27 Dec 2022 09:44:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 3600 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,700,300,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
244370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 13:52:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 91A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 27 Dec 2021 09:38:17 GMT
expires
Tue, 27 Dec 2022 09:38:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8567 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
513660a98d5661850bc8aaffa04a3234ea92b817c7b4082ce11421808d8f1cb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pyReGTj+RPF4pPUhPVw1oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Dec 2021 09:44:53 GMT
date
Mon, 27 Dec 2021 09:44:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pyReGTj+RPF4pPUhPVw1oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame FFAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk27RekikqcHIo1RJrioWqQPnbK672_R2rdMwEs6f-3yDuMoGTkSaTdyRuoCxaB32E78D3MpgWVjnvzI2abinBXxnFXLWKSF40nSZqONkaK-l-EgH-iDOSuRk8W3WQK43El9RsJLE-fA1a7t3g3tef6f6Wr0hhKZuU9I13_uh5TfbVxwsU9FDFy26XS6J1ASQDlhNee7BBqUMAwRH8R3prbHg6P1t0g4Gk_2XpLMOYGjehicG7Omp0pVLpttBvfYu4tuWMs2ZNL7fZTuKUN9Yn-o7JlyG8M-pkd6DwpIW8h4EugfW13hUFwxc&sig=Cg0ArKJSzP0yPJXVvSZmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame FFAE 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:59:53 GMT
300x250.js
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame FFAE 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
last-modified
Mon, 29 Jun 2020 12:17:35 GMT
etag
"5ef9dbdf-65d2"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26066
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFAE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:53 GMT
399297.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399297.js?json=1&async=1&cs=utf-8&rand=0.21547208312101285&num=1&as=2339333&callback=callback7063650689941026
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
2ad1e7c7c3798df3e7f40051b14bef4cc986dd8bfb9cc164f3c13276ee284fc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2146994.jpg
cdn.th.giraff.io/cdn/images/380x200/94/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/94/2146994.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2af272519bbb10f3df032cdabc2b7e50d6f1c1c2f6f10e38dbbcaefe6b8d134

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
347193
cf-polished
degrade=85, origSize=53047, status=webp_bigger
access-control-max-age
1728000
content-length
25325
last-modified
Thu, 23 Dec 2021 07:18:06 GMT
server
cloudflare
etag
"61c422ae-cf37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 09:18:19 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce38c364dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2153731.jpg
cdn.th.giraff.io/cdn/images/380x200/31/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/31/2153731.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32360e3c4b24b30e30f433ee6ae3c9855e028b5ca3723579f64da09c7714a68f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
27560
cf-polished
degrade=85, origSize=49128, status=webp_bigger
access-control-max-age
1728000
content-length
23357
last-modified
Mon, 27 Dec 2021 02:05:07 GMT
server
cloudflare
etag
"61c91f53-bfe8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 26 Jan 2022 02:05:33 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce38c384dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
1850004.jpg
cdn.th.giraff.io/cdn/images/380x200/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/04/1850004.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02727528cd686f9059616eed5d2510eb94d074c07456c7c8bf46b188c34eca85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
549031
cf-polished
qual=85, origFmt=jpeg, origSize=30487
access-control-max-age
1728000
content-disposition
inline; filename="1850004.webp"
content-length
13420
last-modified
Wed, 24 Nov 2021 08:09:24 GMT
server
cloudflare
etag
"619df334-7717"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 01:14:22 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce38c394dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
logo.svg
code.th.giraff.io/data/ 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/logo.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Oct 2021 08:35:11 GMT
server
cloudflare
age
26
etag
W/"6177bdbf-30d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6c419ce3490d2bad-FRA
expires
Mon, 27 Dec 2021 09:45:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9B39 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 27 Dec 2021 09:38:17 GMT
expires
Tue, 27 Dec 2022 09:38:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E177 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03fdb437d88cfdd13108407879e64b7d699271c1e0b9494600f91701d150be22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GfE4pFVQpqtZidooV94mag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Dec 2021 09:44:53 GMT
date
Mon, 27 Dec 2021 09:44:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GfE4pFVQpqtZidooV94mag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 634E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 27 Dec 2021 09:38:17 GMT
expires
Tue, 27 Dec 2022 09:38:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
396
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EA17 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98c5ae7bea678283d52343d3edb6a3a1a1973140e7cf788c675dee7d8f765aa6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sahUF4KHKIxRQ5Hiev3UMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Dec 2021 09:44:53 GMT
date
Mon, 27 Dec 2021 09:44:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sahUF4KHKIxRQ5Hiev3UMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B57A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 27 Dec 2021 09:44:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F52C 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdwF2vyo-394jTK_HEb5V-WzbBhlNiKrFyy_tQsMbCw0KBNFFzdKm6ZRFv68Yv__AteRvlwEDt6J8imlkjLUfRvkvchcCaUJ0eiKdT9ObMb1G4oEtSOYIht-qCyThHYQomwEAj9FsobtsrefB-Psi8EthWsw&dbm_d=AKAmf-DHX8fzN6zW9CSAdUwNxFLtKQLAz3MSSDULAjcIrhBhV3erhb1HyYlLl644x_Oh4naey14GUwKLMwkxk6posJXbsClaauiEpuXzVU9hc_OLeWMjVDbbr2nBcg7HNIq0m-61ubbWUnOcvknD1dAA6C4WGCQQCUNpAXKP_u_2Wxu6iSMz5WOE8kq-tVGzzbxGeOG2p2Zrjl1u3pYxEx_yIiG-mJUQvsGRXk3xX4DjKTjQOpWKeYkmkzSo0_oX0t5f1TjpzymucCE5l_GPkltp0FO6eD8edsG7c_TTN0lgE8FnDDYfQhw6gpeH03Hw0vWuVc_-KqAF6CR9GGD8CcFTCWHb96j8V9cUn-ZMQIQBDONq7LNfey-2aNSP9eSps8CCT3Gmo3X09DD7ujwQG2jsu4MlpFjVzTDvWwTU2HaeVayqejv334Ex_eAd6fsAi0T9wNP5ExQVTC1F8Kudynayxlw2gWeMy28Lw7Lh2b3PabwgRmcsNNQ__TTdZsXq_OyWrheP4yukA6DMQGIujed-3_wrksaHRGw_1oKObfGFtG21Gp3lQahnlFKJD5r9GJIS3sUULPHtkrt8AKpF5pYUBB3jWvFkaBokBR9uLVuw7bR5hZGXutih2d6_NPTFGocH5GmOkT7DFFEmYYUYVWl1ylBQj0kVB4HVoDlyxZm0mkN2iWSufdLaT2IiKBto3eaZCbG7JA__xWTBxC7neNfaCFtgVLUNyp0QaPFsSqA0MnRo2Ar3fHBd_jvHe-DJyYKYi15nvZ3x3NY_0onA_trHTntw1XJZoxQRaEetgzLlHXCpvmU2t4GasCQyqtuOt3ntrQu64K6LuiUhpPb5c1U_bnS9fu2Mn88sLm-yWPSnmH3lxewRcVRdDXIHFZuvTJAH0Vu9hziNcFhPEnzqrjz1n2gVggB76_5nvT0PguFFQftnzUpqmR56rTt-T5WUaElTTNSDGKGl-uETCeAJ92D1ZnzCWWhRDS20tXu2OeWz3eCcD4ufd5kWLO86B4etyjlEVlDFW4X59pA_4m7phvylOtdXezhFQvo6tt-2kTbzZTd7BTbIgrA1US-1ctZ_bfTMNg0HLiLJTI-DYgfrMFUtkb37ScVuYla3Hskhj8a7gM2dPzpvd62jwFkuB41o1KaoTKIDf7JlnSEY3EH9z_JWalOyNclofrNZ_9AhHH-XVYDG_ia_fe3sCLX7dl_YaiecZ2fMrNx7Sd_lDnkOI2TbpeQ01pVzKIpMvRH-eGjbfPk6qaRZui0YV6hJpt55_D5_YWgtzcHGywKUb-32cObvFdOtgKKjlKkUsxLl8sunqX4g71idPwDonW_RTkIK9AL63PCTjSHsgsB6oMsnECFyEIY5llWg-tMrk3Bu99Gxi5gG7oICeOe_dFnHqjzM54sHUhf31dTk9rSZiArAW-7AlapSRLccIleYJ6BKnel9QV58gQitQFXiwCpPun20Hp3hHXIMzArllg7R37FCz3DVb-GziU2jWZS0ZOXc4fsGqVV6_fH56NsLHLEL_3CNzSXKnnigDqsJMxxhk6oo4leqO7A5-YQgU8dwwz9cvJ8HTF_oo-ToppWnkVIMZ7HFv5AxscSAk1teriKpWk3x-NcT3YdYn6iznkzbEJHbj4-KtuJ-10ThXKRqStkU24SHZm0q61YeAlZV8eLcKbm86sF8tUjYZ4jzLqq2ZMrKSILS72iE31ufbmNWd7pD9qELd-E6c9TuZSq2FxPkXxKPEqTEgpe355ZjAz63ELLnSc5SRCATOlnMUrLujhppgqXfghDVSN-7nvxdZhHebDhDm9_QeHGRPfzfO655u8-fNNt73BEh1SI7dzusyjACTbvBLQ7PxIvaloaFXmJLIgSipcRGiIRjlJB44rhxv_Q9s8nDHt88vNqq2U1CEgAo4lFdETp9QESXeF4knKokiljchq9-3z9fffNYCK8Fk2A8240OattaIgrVQsEdvUaaBwfhl-1K7rywNM9pgOXJPp4jc1tzJiE2ZGyNBiNQl9mUJ31NBWKQN6MtVJpWweKUqU0kdBU6Gmc6ua0cpunVbyE2HQkc8HoaPfBbH13UNdwTe7oE447OpTOMb7R8h5yWDsptVHKJFo9b_XzL30OVCqF8JvgtZJzYNKoIGIJL6_QG2ODOLPodZmRUZmHwoCaY4hzWqlS65VSNLBD80_rzWLdUUGtK1zhg1epk0QhWpGoCHL2HsIxfbdDH9HvOFS9YuUqe8HCzb5kRuo71MwEjOL6XaaDiyXTLb6JGDfN14ARa2StS2Iq-ZJ0zpjQXVUO-q1dwpfJXkBtaqzh4bKGn4w8QJmDOvc6Pey0130axv82LsdArK2ilia_UPeLa1gZSg0iYU3LAUafWd3h3Adh88UixcFu3QzkB9Fpb9LzqiMjJ3RqRGVXrQrUb5w7qovJYgIonkOZUi_vRCVKk2BPtykIAPThJkgpxLjW9OLliCXxb5Nc1rxGiVZB4ebjcbSdW-6_1_7wvA18KpbkyD55j0uVo_FCQkFC_IFL6ojhJ6PulcPLFTT1R1TVeJ4QZWfL6pnvF4Yox0Hr_9D0wc2MSOPjkJT6qMPsjFRwnA_VBTmXmGu7bwNRarbcEu4g0BCRpWv9eeXvFLzMtsJz17F1LFZq_uzHiQ4kz5ZdU7fV7l7aIdH6f_IKRDX79eQaec2RD7osCZTcaA5OSTUyMZsmPiJnNyIyXt0viBttITeqVuhTDvfix5FOCBK3ujq9G8px_X1IdxLoKI8nWLadw4Lu-Mdb_Q-ylmrlnC6WUXIdbEdBroB5gLc_uEaKd8Xwy38bidUd_Csw7NYfZfN0qY5a_JEo0aNbM3NdHvvKuP3oWdt88lF4XQUn7oEs1WzjB7HP-Ix-lVcpKBeiTualbytuQeXDPW3yMuJ4OzoSYxQzEehplY4NsI_t8_2zc3wgXcejHFy8ql-ihu1q_m5NSCYDJxFT5JzA13Hx8lSp30rv9RrqS7whFI9g6VCvaYg0GTBXglDA2OQMUh6DTv8PEYWPPOb5GptemQI5HC7ELB6goz4BRgPc5Wc8vcQrFRHFbV7hCEe7Uw84O3oWb1bA0mE2s8S2n6rq3hwW0hiXsMA&cid=CAASEuRo1y1nB4jKIi8LjPNb5BV2Lw&rfl=2%2Chttps%253A%252F%252Fhealth.kapook.com%242%2Chttps%253A%252F%252Fhealth.kapook.com%252F%240
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdbd23c52fb995fe9d664142f6352b24847b7c0afb3ab4fc17719e7584e66920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30176
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F52C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKDCSBWetEZr5RNQH05sVTRSkaLkUCJD6mmqcD8W2Hmz2vK3aZ3cuC2IWTJJFGatAXj2jiv7ivYRd_NaJnTEIuohaJ8iHf-xERlKgJcG-OXTvJV44
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F52C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:44:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F52C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F52C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 08:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3043
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 08:54:10 GMT
l
www.google.com/ads/measurement/ Frame F52C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSW1hatejUv7sd9zLag_Hdr7xJG3rHhaAFVbGKjTEWK6RNLzygTHkU27g3PFu-q_AsYNc9-U0crEs9kwD99765jDpAs3g
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3600 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a82c0a139a5f702d6487500b4c076d9971df1fc465307c81af7a1e2059cd6c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4319
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FB1A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJsGDAeXJWwHsN6xiiEn1EQGcRyWtfxLadn4wRQkvcoslZHJpP23lVtl5KuE00c3ZWsU_8jlVdUyrK_ysjVrqIAU-1ZZeN4lWC9t1I-H2thn-Y8G7fTfux03b5ZCmJY5UAhl306d8VTtRrXyrJs2Q-_70bpiJUcnV4osliTwThqAck_-sipZDoirGW80-ja2nTk9WLLABbcBEodUe8NJfcu8LbT8U4DtpeGng-0z50PkCh_skQuXBnAogs6RbLwW3OJnUqLh8lq9GH9rf8CiXFhs3u5cQ5QetSgjNGc-J41d3LtTlLX5HgGpG4FfCNEBA6HNs19YrQ-0bj6yo8d0XI-pshHVkwHcv5o1Z4RPwHLTFHFYGWmJ97StdYYKcj5_QflHfdk1JWdpBIm587Q0pN-tkIx9Sasotem8x6wNeM1V1J1EkBlk664aFJdkkjEr-oLok6Bm0UMUZKVkpCIDVE42_j3TcCeAdPwqCfSVsiCr7ZudG4sY12CANOcsGLFmXDduA6gAgNZBhhCQ_YS7unsvtmTbDu4n_Jw-AXQda64P7bfoayHez7sLIHyO87MltF3ZByz-fy4BZtliebqqj2enmJ8hL4WKIyQjSqmddW1gFguXRKOEkEW1xWi3yeKsnckAISQuPKjFt4JIs024eQg5AGsqfA_osLGkW5orFSBAoDiZTbTTM8zotG67mQ4J_m40_jBMlWzr1Alvn3njatItDjqAgJc1mAb0qbw9Gqh0xVjDUPBhZHxYDRdCJa8qEMmo-OMua7PjQ55iZLwVUPrGjIt-6uWGDScLq5l_lFlooM0ZI0SJs-Q0q0DOy5eSgFQHYVs_lHwcOfv0uAb3LoM3zUOG9B07C9lMmIEbO_HsCBmlhpwEZyzwfxz5zrk3mAfuNcuqAjGvLLvsmU9C4ba3pd7DqpQJoPBSaqQ0OxGHdHqpX5h_YmZX5WBlEGtQm4dV2T6JEdC_mRTv-Rp2lQPIK6KQWVG-gpxh-Sk8WNoPIn46DLEIUuyUCogauOTSP1R6n5HYcbk3tCmPkqLKQe5DV0qZsIwgBhmM-dZf1LZnrcX5ZaDgR7JRCUPQwd40P5Ej4RqUd6ezPyKzaL-gzwqYfhbht8_gTGz49mo5xSduhx93RF6rmcVry3-eDde9dAJODVDPJZ8o6RHyukI0NcicpZ7LYWK7ApHPxXIiwoKHKCJpoASwZhAUaz8--VsRifay2yt6yFQ9I4LE8UtT7kMp12qEJ3RVvpn0yiLS6einok-7Rg&sai=AMfl-YRR0QFxqxLUMF7X2wyJOfZKt-Cbcr_PAPqHO9U3QIO4AZQrK_SPoIufDP2O5Hy_ORVVbWW3SQh1vifR29vV5wXw1O-MHr4GFGu5p9c8oY5t_tBfAQm6SwvCoNz-ds1IQkU4&sig=Cg0ArKJSzOYEjjsAvvMEEAE&uach_m=[UACH]&pr=8:BB0D7E6172DDEEDC&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=442&vt=11&dtpt=271&dett=3&cstd=165&cisv=r20211207.77249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 9143 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS7BYeS1HGa6Umn1cVO_gWUd1u1ElbJbOB9jTzSqLEK-L65bkrdPcGnwui4GCGkZ-GzoI2OAyRl_UZGOSlSMgTTOwBk4id7aIUnsF-NWtrTEQdQuGeby7g1gtxVCwl-TMqDbWlHRjR1t1vmGsmRTiFIe9QX9NUtDNXYU8C_SGJZymHsk73AfVF_ck9P5UICAb9t1Z8KzHDRxEeOE8qQ2jwWHg8AEXf3eNGJ8bHUdH9iz0qoIzhmMfMo44kT8plg5sgHtVrWsPDdKPDBjjYWD5dL6-HLWDfAK6n9dYp4Ntwu55sSTtzmw&sig=Cg0ArKJSzKnLNuoSSM8qEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame 9143 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:59:53 GMT
728x90.js
i.kapook.com/gorralit/kapookmarket1/728x90/ Frame 9143 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/728x90.js?1593426663539
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
5c3cce8b8b874c74b9689d26608f7ca173bbf1982a809be6ee9670ebb9c38824
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
last-modified
Mon, 29 Jun 2020 12:11:54 GMT
etag
"5ef9da8a-658c"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
25996
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9143 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Dec 2021 09:44:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3600 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:53 GMT
rum
dsum-sec.casalemedia.com/ Frame B57A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 27 Dec 2021 09:44:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B57A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcmLFTkXu3avWCJj23WvqwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 27 Dec 2021 09:44:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIN4GV2g5ixlbc-knrpX1kc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B57A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKcVJZfkGC5fqRbMeLgTsW4&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKcVJZfkGC5fqRbMeLgTsW4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Protocol
HTTP/1.1
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:53 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
409ba403-ca34-403c-a0ae-3e65b9f039c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKcVJZfkGC5fqRbMeLgTsW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B57A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNzk5MjI2NzkzODA1OTIzMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNzk5MjI2NzkzODA1OTIzMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYg4HwvAEwAQ&v=APEucNVXpdWnTNkiOfHErJOcNNVuN7zr6a79j-9LlLgz_-YCox0fH95j-5sx_2OKgUL2Twgpy_jvAvkIWjvD4RIt4JFBKNSZBiXCbrZUY9Q4bk2WTFOPISV2NVMjxL2CLagDoyPIoUgyrVVvPrNPCkx2h9P7ugZZLOM6aEHX-DeKxM1CWjwg-fg
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Dec 2021 09:44:53 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e30a1b5-b0ec-4899-9bbc-f493898f3b15
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNzk5MjI2NzkzODA1OTIzMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame F52C 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
Origin
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Dec 2021 09:32:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame F52C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdwF2vyo-394jTK_HEb5V-WzbBhlNiKrFyy_tQsMbCw0KBNFFzdKm6ZRFv68Yv__AteRvlwEDt6J8imlkjLUfRvkvchcCaUJ0eiKdT9ObMb1G4oEtSOYIht-qCyThHYQomwEAj9FsobtsrefB-Psi8EthWsw&dbm_d=AKAmf-DHX8fzN6zW9CSAdUwNxFLtKQLAz3MSSDULAjcIrhBhV3erhb1HyYlLl644x_Oh4naey14GUwKLMwkxk6posJXbsClaauiEpuXzVU9hc_OLeWMjVDbbr2nBcg7HNIq0m-61ubbWUnOcvknD1dAA6C4WGCQQCUNpAXKP_u_2Wxu6iSMz5WOE8kq-tVGzzbxGeOG2p2Zrjl1u3pYxEx_yIiG-mJUQvsGRXk3xX4DjKTjQOpWKeYkmkzSo0_oX0t5f1TjpzymucCE5l_GPkltp0FO6eD8edsG7c_TTN0lgE8FnDDYfQhw6gpeH03Hw0vWuVc_-KqAF6CR9GGD8CcFTCWHb96j8V9cUn-ZMQIQBDONq7LNfey-2aNSP9eSps8CCT3Gmo3X09DD7ujwQG2jsu4MlpFjVzTDvWwTU2HaeVayqejv334Ex_eAd6fsAi0T9wNP5ExQVTC1F8Kudynayxlw2gWeMy28Lw7Lh2b3PabwgRmcsNNQ__TTdZsXq_OyWrheP4yukA6DMQGIujed-3_wrksaHRGw_1oKObfGFtG21Gp3lQahnlFKJD5r9GJIS3sUULPHtkrt8AKpF5pYUBB3jWvFkaBokBR9uLVuw7bR5hZGXutih2d6_NPTFGocH5GmOkT7DFFEmYYUYVWl1ylBQj0kVB4HVoDlyxZm0mkN2iWSufdLaT2IiKBto3eaZCbG7JA__xWTBxC7neNfaCFtgVLUNyp0QaPFsSqA0MnRo2Ar3fHBd_jvHe-DJyYKYi15nvZ3x3NY_0onA_trHTntw1XJZoxQRaEetgzLlHXCpvmU2t4GasCQyqtuOt3ntrQu64K6LuiUhpPb5c1U_bnS9fu2Mn88sLm-yWPSnmH3lxewRcVRdDXIHFZuvTJAH0Vu9hziNcFhPEnzqrjz1n2gVggB76_5nvT0PguFFQftnzUpqmR56rTt-T5WUaElTTNSDGKGl-uETCeAJ92D1ZnzCWWhRDS20tXu2OeWz3eCcD4ufd5kWLO86B4etyjlEVlDFW4X59pA_4m7phvylOtdXezhFQvo6tt-2kTbzZTd7BTbIgrA1US-1ctZ_bfTMNg0HLiLJTI-DYgfrMFUtkb37ScVuYla3Hskhj8a7gM2dPzpvd62jwFkuB41o1KaoTKIDf7JlnSEY3EH9z_JWalOyNclofrNZ_9AhHH-XVYDG_ia_fe3sCLX7dl_YaiecZ2fMrNx7Sd_lDnkOI2TbpeQ01pVzKIpMvRH-eGjbfPk6qaRZui0YV6hJpt55_D5_YWgtzcHGywKUb-32cObvFdOtgKKjlKkUsxLl8sunqX4g71idPwDonW_RTkIK9AL63PCTjSHsgsB6oMsnECFyEIY5llWg-tMrk3Bu99Gxi5gG7oICeOe_dFnHqjzM54sHUhf31dTk9rSZiArAW-7AlapSRLccIleYJ6BKnel9QV58gQitQFXiwCpPun20Hp3hHXIMzArllg7R37FCz3DVb-GziU2jWZS0ZOXc4fsGqVV6_fH56NsLHLEL_3CNzSXKnnigDqsJMxxhk6oo4leqO7A5-YQgU8dwwz9cvJ8HTF_oo-ToppWnkVIMZ7HFv5AxscSAk1teriKpWk3x-NcT3YdYn6iznkzbEJHbj4-KtuJ-10ThXKRqStkU24SHZm0q61YeAlZV8eLcKbm86sF8tUjYZ4jzLqq2ZMrKSILS72iE31ufbmNWd7pD9qELd-E6c9TuZSq2FxPkXxKPEqTEgpe355ZjAz63ELLnSc5SRCATOlnMUrLujhppgqXfghDVSN-7nvxdZhHebDhDm9_QeHGRPfzfO655u8-fNNt73BEh1SI7dzusyjACTbvBLQ7PxIvaloaFXmJLIgSipcRGiIRjlJB44rhxv_Q9s8nDHt88vNqq2U1CEgAo4lFdETp9QESXeF4knKokiljchq9-3z9fffNYCK8Fk2A8240OattaIgrVQsEdvUaaBwfhl-1K7rywNM9pgOXJPp4jc1tzJiE2ZGyNBiNQl9mUJ31NBWKQN6MtVJpWweKUqU0kdBU6Gmc6ua0cpunVbyE2HQkc8HoaPfBbH13UNdwTe7oE447OpTOMb7R8h5yWDsptVHKJFo9b_XzL30OVCqF8JvgtZJzYNKoIGIJL6_QG2ODOLPodZmRUZmHwoCaY4hzWqlS65VSNLBD80_rzWLdUUGtK1zhg1epk0QhWpGoCHL2HsIxfbdDH9HvOFS9YuUqe8HCzb5kRuo71MwEjOL6XaaDiyXTLb6JGDfN14ARa2StS2Iq-ZJ0zpjQXVUO-q1dwpfJXkBtaqzh4bKGn4w8QJmDOvc6Pey0130axv82LsdArK2ilia_UPeLa1gZSg0iYU3LAUafWd3h3Adh88UixcFu3QzkB9Fpb9LzqiMjJ3RqRGVXrQrUb5w7qovJYgIonkOZUi_vRCVKk2BPtykIAPThJkgpxLjW9OLliCXxb5Nc1rxGiVZB4ebjcbSdW-6_1_7wvA18KpbkyD55j0uVo_FCQkFC_IFL6ojhJ6PulcPLFTT1R1TVeJ4QZWfL6pnvF4Yox0Hr_9D0wc2MSOPjkJT6qMPsjFRwnA_VBTmXmGu7bwNRarbcEu4g0BCRpWv9eeXvFLzMtsJz17F1LFZq_uzHiQ4kz5ZdU7fV7l7aIdH6f_IKRDX79eQaec2RD7osCZTcaA5OSTUyMZsmPiJnNyIyXt0viBttITeqVuhTDvfix5FOCBK3ujq9G8px_X1IdxLoKI8nWLadw4Lu-Mdb_Q-ylmrlnC6WUXIdbEdBroB5gLc_uEaKd8Xwy38bidUd_Csw7NYfZfN0qY5a_JEo0aNbM3NdHvvKuP3oWdt88lF4XQUn7oEs1WzjB7HP-Ix-lVcpKBeiTualbytuQeXDPW3yMuJ4OzoSYxQzEehplY4NsI_t8_2zc3wgXcejHFy8ql-ihu1q_m5NSCYDJxFT5JzA13Hx8lSp30rv9RrqS7whFI9g6VCvaYg0GTBXglDA2OQMUh6DTv8PEYWPPOb5GptemQI5HC7ELB6goz4BRgPc5Wc8vcQrFRHFbV7hCEe7Uw84O3oWb1bA0mE2s8S2n6rq3hwW0hiXsMA&cid=CAASEuRo1y1nB4jKIi8LjPNb5BV2Lw&rfl=2%2Chttps%253A%252F%252Fhealth.kapook.com%242%2Chttps%253A%252F%252Fhealth.kapook.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:41:49 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F52C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdwF2vyo-394jTK_HEb5V-WzbBhlNiKrFyy_tQsMbCw0KBNFFzdKm6ZRFv68Yv__AteRvlwEDt6J8imlkjLUfRvkvchcCaUJ0eiKdT9ObMb1G4oEtSOYIht-qCyThHYQomwEAj9FsobtsrefB-Psi8EthWsw&dbm_d=AKAmf-DHX8fzN6zW9CSAdUwNxFLtKQLAz3MSSDULAjcIrhBhV3erhb1HyYlLl644x_Oh4naey14GUwKLMwkxk6posJXbsClaauiEpuXzVU9hc_OLeWMjVDbbr2nBcg7HNIq0m-61ubbWUnOcvknD1dAA6C4WGCQQCUNpAXKP_u_2Wxu6iSMz5WOE8kq-tVGzzbxGeOG2p2Zrjl1u3pYxEx_yIiG-mJUQvsGRXk3xX4DjKTjQOpWKeYkmkzSo0_oX0t5f1TjpzymucCE5l_GPkltp0FO6eD8edsG7c_TTN0lgE8FnDDYfQhw6gpeH03Hw0vWuVc_-KqAF6CR9GGD8CcFTCWHb96j8V9cUn-ZMQIQBDONq7LNfey-2aNSP9eSps8CCT3Gmo3X09DD7ujwQG2jsu4MlpFjVzTDvWwTU2HaeVayqejv334Ex_eAd6fsAi0T9wNP5ExQVTC1F8Kudynayxlw2gWeMy28Lw7Lh2b3PabwgRmcsNNQ__TTdZsXq_OyWrheP4yukA6DMQGIujed-3_wrksaHRGw_1oKObfGFtG21Gp3lQahnlFKJD5r9GJIS3sUULPHtkrt8AKpF5pYUBB3jWvFkaBokBR9uLVuw7bR5hZGXutih2d6_NPTFGocH5GmOkT7DFFEmYYUYVWl1ylBQj0kVB4HVoDlyxZm0mkN2iWSufdLaT2IiKBto3eaZCbG7JA__xWTBxC7neNfaCFtgVLUNyp0QaPFsSqA0MnRo2Ar3fHBd_jvHe-DJyYKYi15nvZ3x3NY_0onA_trHTntw1XJZoxQRaEetgzLlHXCpvmU2t4GasCQyqtuOt3ntrQu64K6LuiUhpPb5c1U_bnS9fu2Mn88sLm-yWPSnmH3lxewRcVRdDXIHFZuvTJAH0Vu9hziNcFhPEnzqrjz1n2gVggB76_5nvT0PguFFQftnzUpqmR56rTt-T5WUaElTTNSDGKGl-uETCeAJ92D1ZnzCWWhRDS20tXu2OeWz3eCcD4ufd5kWLO86B4etyjlEVlDFW4X59pA_4m7phvylOtdXezhFQvo6tt-2kTbzZTd7BTbIgrA1US-1ctZ_bfTMNg0HLiLJTI-DYgfrMFUtkb37ScVuYla3Hskhj8a7gM2dPzpvd62jwFkuB41o1KaoTKIDf7JlnSEY3EH9z_JWalOyNclofrNZ_9AhHH-XVYDG_ia_fe3sCLX7dl_YaiecZ2fMrNx7Sd_lDnkOI2TbpeQ01pVzKIpMvRH-eGjbfPk6qaRZui0YV6hJpt55_D5_YWgtzcHGywKUb-32cObvFdOtgKKjlKkUsxLl8sunqX4g71idPwDonW_RTkIK9AL63PCTjSHsgsB6oMsnECFyEIY5llWg-tMrk3Bu99Gxi5gG7oICeOe_dFnHqjzM54sHUhf31dTk9rSZiArAW-7AlapSRLccIleYJ6BKnel9QV58gQitQFXiwCpPun20Hp3hHXIMzArllg7R37FCz3DVb-GziU2jWZS0ZOXc4fsGqVV6_fH56NsLHLEL_3CNzSXKnnigDqsJMxxhk6oo4leqO7A5-YQgU8dwwz9cvJ8HTF_oo-ToppWnkVIMZ7HFv5AxscSAk1teriKpWk3x-NcT3YdYn6iznkzbEJHbj4-KtuJ-10ThXKRqStkU24SHZm0q61YeAlZV8eLcKbm86sF8tUjYZ4jzLqq2ZMrKSILS72iE31ufbmNWd7pD9qELd-E6c9TuZSq2FxPkXxKPEqTEgpe355ZjAz63ELLnSc5SRCATOlnMUrLujhppgqXfghDVSN-7nvxdZhHebDhDm9_QeHGRPfzfO655u8-fNNt73BEh1SI7dzusyjACTbvBLQ7PxIvaloaFXmJLIgSipcRGiIRjlJB44rhxv_Q9s8nDHt88vNqq2U1CEgAo4lFdETp9QESXeF4knKokiljchq9-3z9fffNYCK8Fk2A8240OattaIgrVQsEdvUaaBwfhl-1K7rywNM9pgOXJPp4jc1tzJiE2ZGyNBiNQl9mUJ31NBWKQN6MtVJpWweKUqU0kdBU6Gmc6ua0cpunVbyE2HQkc8HoaPfBbH13UNdwTe7oE447OpTOMb7R8h5yWDsptVHKJFo9b_XzL30OVCqF8JvgtZJzYNKoIGIJL6_QG2ODOLPodZmRUZmHwoCaY4hzWqlS65VSNLBD80_rzWLdUUGtK1zhg1epk0QhWpGoCHL2HsIxfbdDH9HvOFS9YuUqe8HCzb5kRuo71MwEjOL6XaaDiyXTLb6JGDfN14ARa2StS2Iq-ZJ0zpjQXVUO-q1dwpfJXkBtaqzh4bKGn4w8QJmDOvc6Pey0130axv82LsdArK2ilia_UPeLa1gZSg0iYU3LAUafWd3h3Adh88UixcFu3QzkB9Fpb9LzqiMjJ3RqRGVXrQrUb5w7qovJYgIonkOZUi_vRCVKk2BPtykIAPThJkgpxLjW9OLliCXxb5Nc1rxGiVZB4ebjcbSdW-6_1_7wvA18KpbkyD55j0uVo_FCQkFC_IFL6ojhJ6PulcPLFTT1R1TVeJ4QZWfL6pnvF4Yox0Hr_9D0wc2MSOPjkJT6qMPsjFRwnA_VBTmXmGu7bwNRarbcEu4g0BCRpWv9eeXvFLzMtsJz17F1LFZq_uzHiQ4kz5ZdU7fV7l7aIdH6f_IKRDX79eQaec2RD7osCZTcaA5OSTUyMZsmPiJnNyIyXt0viBttITeqVuhTDvfix5FOCBK3ujq9G8px_X1IdxLoKI8nWLadw4Lu-Mdb_Q-ylmrlnC6WUXIdbEdBroB5gLc_uEaKd8Xwy38bidUd_Csw7NYfZfN0qY5a_JEo0aNbM3NdHvvKuP3oWdt88lF4XQUn7oEs1WzjB7HP-Ix-lVcpKBeiTualbytuQeXDPW3yMuJ4OzoSYxQzEehplY4NsI_t8_2zc3wgXcejHFy8ql-ihu1q_m5NSCYDJxFT5JzA13Hx8lSp30rv9RrqS7whFI9g6VCvaYg0GTBXglDA2OQMUh6DTv8PEYWPPOb5GptemQI5HC7ELB6goz4BRgPc5Wc8vcQrFRHFbV7hCEe7Uw84O3oWb1bA0mE2s8S2n6rq3hwW0hiXsMA&cid=CAASEuRo1y1nB4jKIi8LjPNb5BV2Lw&rfl=2%2Chttps%253A%252F%252Fhealth.kapook.com%242%2Chttps%253A%252F%252Fhealth.kapook.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
cafe
etag
14328493792227503680
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 09:44:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8567 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3053776919855962&rc=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E177 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1764987535653635&rc=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame EA17 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1192596233980482&rc=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 91A1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 9B39 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 634E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
399299.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399299.js?json=1&async=1&cs=utf-8&rand=0.2673274261234413&num=1&as=2333851%3A825864&nodupes=1&callback=callback2508316080233943
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
149e9bd34f85ad002264809c5582f3c011980007dfe6ecb03860f2ef6e051b49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 74C8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F52C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 12:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:54:57 GMT
index.html
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		102 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dca8f22b67d4249d434fc54ff8b73fa101103d1c10d88ab2a78be82ec8536ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
expires
Tue, 27 Dec 2022 09:44:53 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F52C 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfq3huwtfFPS9sOzlBPd_c_tG02fEUIDRyF9AVbDkIqkeHXWMZn3jia8qu7GIl-FuksCLGE8Na_fitMOTVankdX-m30ddMD4E_4paH-ElGgYwy_ioAIDXbJ63zTltGBSHreAgh_Ijkd-OOrWPJFtRE0O-BFMTdMf0COPZhZzyhNVnsahR8tKrQxZ2DmkUnIxCtVAsxPnR0eYMnhiTW3773kTBHXXa4khpqb-J_V1e_8No-A54mVt5kf2nxi0WmeBAYSDL2H_y3gmgg7vGfHuHIXO_uv4tNIM_xMifhVx3PWpIh04_B4RUeE2n3WlksdQEysYYhLZwCTQMW4Dc6Ubwe2RByBUJ97Jl8sDR2CPh2qd99Gf8A9-5jyfc4noxTIzlZ_NYa7ELmeIGfhi1rfN16qYrHDlbo5Ea0lL9XPWdv6RZuFUs3BXJV_twiyyOhZZILyq8VL1OtVTZJ5eLVbJ4tBnLLVhqqCU02jaCZCyBIU-02p_cVmH5UocX83_X-lOUclrzaJEV7X0rUVo7dvEi4_bAzCHXKJtttZwPkauy-8EBd8-m2sPzyB3BekgghRyC6ze1KWAqGnxTLSSQswe9kpEAUSKH5wU3T4rN-YNJyd-HRc8fFDWY-6da7a3kqWj4LwdvpJwJnO1skMb0Ij5a63vpRkc4sVZq-TVqnC9We0E-ZxMLTouYTb1mUVfuSv0MplFMFH79OhYq_sB0j08uRBvEMkKdNWnuPwgzgEBIth65UPfZOa0BTu1jOSTvC5m6d768dafU29_h9-llTfS2JZvJmWgj-IIuE4R7xz63TehTn3n0DmcNDDO77taXemzY2OMUXe8mBDS0XO9QcYJjdWhbuDZoHG9uY23Otdu9ivGDGOWprUoMXGjNojBgnUMF75MDqUhqmFOo215DPKxF-vergJ8_303mSrQteCbxRnLYlIBDLjStnsFBjD6P-URLlU5VMHobRbVYw9KsNFyVXoyP1_LxegED1xMDPbDuOlOGPuhpPtucj5jbiPQeDrbb0RzdV_im1UKtARIdtM-xFbIl4QNy-gVI_mw6TvrrQfeFfq03rp8sIHPbsO3leQjy3aY5SFnUOiRsRjU-jfEOdoXfB5QHXKaaEe1CMSVbCZdOBEe8w99JDGlS5vj9GJIO-XO_g558kn7G6fA46FMUcqEg173RlvQ&sai=AMfl-YQhZ-iIyq9mtxeMzbaJgbkdNHWdjlASj2KxSfI7707vvuhzRbWAYDRhnxPbxhiC9IZWmVqAGSmYewQVstI394t-tR3njFd8KWPxh0nWQhFtvdptxBzUoYADrLcf9HCmDe7X7CU_YnL-86FK9y_P1OB5M5mRHw&sig=Cg0ArKJSzCYMWiQhIRLfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=69&cbvp=1&cstd=64&cisv=r20211207.52451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 27 Dec 2021 09:44:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CCC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkSXOFIvJYen8HKCT7_UPkr6fqA8AAAAAOAHgBAI&bg=!zc6lzorNAAZKWFskSlg7ACkAdvg8WqjsNPNRO7xZxHwyVkMLHkBpeLX2_n-csyL8M1HHwmqSkIoLIAIAAADwUgAAABRoAQcKAGcKDVoIQTpKYnPYj2BzJnEs1QVH63ggoSmN2uRljdMAp4OszC5QtR39EXg0ziqKHXHh3TCLnZycSDzuxozxehwf83sgyxH729dHXmu3tWd8JEUZPfyFPekk8bfBzn5ybKg5zvgRttfpmQLUeFzo1BnVnRA4uGnQuXo0Se8D3fiBPssPkVn3ZX-W4zlBIg9CxHkldIiOBrJ1N_SC8ToUQQ_r_TaQ1HZCcSFzRXReGjcw2B5-7_mgdzdtzkuPU6Ln0u1cyIEeryHrkBD0Og8-r1QBIg4iEkRUshaJMwwwLvOAgSxFP82uH8f5UKEBNDH3MX4qK9J-WNzLvlzhgv5sIu0ljzM8oEwJUeHVsVHgC91upUdgMPRzRoPvVMssYYHYavHBLaXLxAzw30YuK8GNytxGq7zYaQN-FRv5UVBVIA_dT6GWhAQ7-NKvygwE0k14_FRUdZbxnWJ2FJO4soM7Zdvc62RGV7jDJTTd7YRBXO5EUb-Nqa9pop2U6YwdSHki-564O2mOdPUOC8Vepduf88PRnWHMpI5HxnSDGRcrYyyvFxjR9dA34AKwD6WZxK51xc_01MP0kPaT7QixuCIEOKyqCIwfCv2zjnCBDmiq915BCQxJ5JNC5Q2kYXsBLfhx5O67SsGWqMazTEX2IGxhkeiMm3sXYo89rbzW9OxG0Rph3uC-C9iEAKOcMSfeQt9114Ix0MoRySpnwPXnFhoiMqdhMcZRwYkMFdSWpqwT1xmuYCWRIm8IPApkQkiJ2td-YrmtpmjJ0YWvbzYmWSec4u-v6oLRzoEc50tkR6dWS8Vwtdckt8Xsk7yJuwVXTkeL_oFK6CC56mWTmMxHFORNOXHBRqW2btQ2vqXMI2l8R-gOBE4eZlGHKXHKnn1dRep9joNLuUJ4Npv_o3MlusmP2j5gkE0SudAmYj0oamDMe-V8oyh2GaZSO6o9_N03CI1mJt4mMYWR33ddNTBUrYLGg_9LYeuC0SBavr29wSKz9C_qn163PKZUNsUWN10rVm5sZ00eKtl53YwAm5NvNI1KEoZgogA-mivtLE9_yLRc5ZutVTMjWi5smf2m00wKL7-JZ412RgAVK7amvefMEvQqag
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 72CB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Dec 2021 09:32:15 GMT
expires
Tue, 27 Dec 2022 09:32:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookieSync.png
pix.cookiepix.com/ Frame FFAE 		0
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame D34C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 15:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Dec 2021 15:50:37 GMT
399300.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399300.js?json=1&async=1&cs=utf-8&rand=0.8563428806233495&num=1&as=2339333%3A2337298&callback=callback771721538809873
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
cbcb7c952861979daaa0566adb07600f78de797136649fd6a4663da7dc2c1e25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2146995.jpg
cdn.th.giraff.io/cdn/images/380x200/95/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/95/2146995.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b2f3980ef5f158b25dc3ec7bb266737b9321efe8cc18fdac73623f0c656afe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
354399
cf-polished
degrade=85, origSize=55630, status=webp_bigger
access-control-max-age
1728000
content-length
26626
last-modified
Thu, 23 Dec 2021 07:18:06 GMT
server
cloudflare
etag
"61c422ae-d94e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 07:18:13 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce5f8974dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2151171.jpg
cdn.th.giraff.io/cdn/images/380x200/71/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/71/2151171.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3adfb6900afd57b4d5626a4ea7619629dfcd57734ce9481debaf7555c97bde07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
164383
cf-polished
degrade=85, origSize=49971, status=webp_bigger
access-control-max-age
1728000
content-length
22557
last-modified
Sat, 25 Dec 2021 12:05:06 GMT
server
cloudflare
etag
"61c708f2-c333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 24 Jan 2022 12:05:09 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce5f8994dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
view
googleads4.g.doubleclick.net/pcs/ Frame F52C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfq3huwtfFPS9sOzlBPd_c_tG02fEUIDRyF9AVbDkIqkeHXWMZn3jia8qu7GIl-FuksCLGE8Na_fitMOTVankdX-m30ddMD4E_4paH-ElGgYwy_ioAIDXbJ63zTltGBSHreAgh_Ijkd-OOrWPJFtRE0O-BFMTdMf0COPZhZzyhNVnsahR8tKrQxZ2DmkUnIxCtVAsxPnR0eYMnhiTW3773kTBHXXa4khpqb-J_V1e_8No-A54mVt5kf2nxi0WmeBAYSDL2H_y3gmgg7vGfHuHIXO_uv4tNIM_xMifhVx3PWpIh04_B4RUeE2n3WlksdQEysYYhLZwCTQMW4Dc6Ubwe2RByBUJ97Jl8sDR2CPh2qd99Gf8A9-5jyfc4noxTIzlZ_NYa7ELmeIGfhi1rfN16qYrHDlbo5Ea0lL9XPWdv6RZuFUs3BXJV_twiyyOhZZILyq8VL1OtVTZJ5eLVbJ4tBnLLVhqqCU02jaCZCyBIU-02p_cVmH5UocX83_X-lOUclrzaJEV7X0rUVo7dvEi4_bAzCHXKJtttZwPkauy-8EBd8-m2sPzyB3BekgghRyC6ze1KWAqGnxTLSSQswe9kpEAUSKH5wU3T4rN-YNJyd-HRc8fFDWY-6da7a3kqWj4LwdvpJwJnO1skMb0Ij5a63vpRkc4sVZq-TVqnC9We0E-ZxMLTouYTb1mUVfuSv0MplFMFH79OhYq_sB0j08uRBvEMkKdNWnuPwgzgEBIth65UPfZOa0BTu1jOSTvC5m6d768dafU29_h9-llTfS2JZvJmWgj-IIuE4R7xz63TehTn3n0DmcNDDO77taXemzY2OMUXe8mBDS0XO9QcYJjdWhbuDZoHG9uY23Otdu9ivGDGOWprUoMXGjNojBgnUMF75MDqUhqmFOo215DPKxF-vergJ8_303mSrQteCbxRnLYlIBDLjStnsFBjD6P-URLlU5VMHobRbVYw9KsNFyVXoyP1_LxegED1xMDPbDuOlOGPuhpPtucj5jbiPQeDrbb0RzdV_im1UKtARIdtM-xFbIl4QNy-gVI_mw6TvrrQfeFfq03rp8sIHPbsO3leQjy3aY5SFnUOiRsRjU-jfEOdoXfB5QHXKaaEe1CMSVbCZdOBEe8w99JDGlS5vj9GJIO-XO_g558kn7G6fA46FMUcqEg173RlvQ&sai=AMfl-YQhZ-iIyq9mtxeMzbaJgbkdNHWdjlASj2KxSfI7707vvuhzRbWAYDRhnxPbxhiC9IZWmVqAGSmYewQVstI394t-tR3njFd8KWPxh0nWQhFtvdptxBzUoYADrLcf9HCmDe7X7CU_YnL-86FK9y_P1OB5M5mRHw&sig=Cg0ArKJSzCYMWiQhIRLfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=353&vt=11&dtpt=284&dett=3&cstd=64&cisv=r20211207.52451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 72CB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D34C 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67ff08c7f2e19a6f5b50c207840f7ff67a9dd07c248e754566df824f95d5fcae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4539
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BB4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3053776919855962&bg=!urmluf3NAAZKWFskSlg7ACkAdvg8WmUxBu4_NQbg36sgQAQtZISpAsPlRzuKD73cmmJAHGxgFXlCLgIAAAEYUgAAACFoAQeZAtZRd3kMtBBPi3ZfGcKySEOtSyf7HauKYVxe9dlDgHXnQXTW46X--4AI_uExn7bx2CLYJAfl-WPHn0qkYkqiO62WvlTe05c3oxPm3Z3oKq8OEH2KPLLcJpcT4oTgT4BL5NHUYrLW5XjivOVJs8HmtUDkj-UnNViL8w7Fu6Li24TlOn4U-EZwvn2ULi_3V2ZhSZVhlJLMT0_Lto7LdWopNXrakT-5csb_IU9GsT3wofn3_LQJ1B1ZcZpoFI_Cv6BPpvufLdiGTem74x6KQW5RlGgTw1zDA0rByD7o_7aoH-7x7FwptQs8cRcGcKTe3JRqnpCiawdWPLW9S0ncVft523qB5CXa0f7Eo2GXk3coR6tPhFnnDxKbvLjfKx1bBIu7l771EOGloaS5vvDX1IhFx0MMpg7n75q0ySNOVMRuNmt1ZdREp_hqaXUnxVg7o4yhPw1NfrDH-B2Kma38sCmlLxhMJ3xBEOon2vAXrclsKIIzlEtysF94ktBl0E3S35_OtVku9b6jyGNQES2TOjTV0Di4Huu3R5bUfu30xNWZDpDdPsWoLMPGIqiQF1v_wBPE80HgD-hV29oCQU9xn0GjzEf8FMDad-0xn5S4QWdHV2OMIdTtQJK0ax9EI95aWrkBhnC8_wCp-Mll5qB-7yGOLev3otMyufLsWWaQWfi-LEoXq7_VQ5-mDKjgjzENm3l_W5H7NWK8U-K96JEREz4vwWbtApdJPfUhIBLMlh4DKiVkllL8X4lZeH3JKNyTS8ISehO3DLwVZ6eAjitxfLy3ZcdXCe_k4YIsldcoC-q6Rjdg8WpcrTQkyCkPrnZCofGBZWIbaPJy-RN5fcqn1-mMRZcbZW8jHoaBx8kEjiYdysVfRxHtqETZSg0WMUdUuWpJjY9iFfN0Md6DDeJ3cGwEEW56-WRSOW_hDZAD1Ff8CrNCbH76ZB3TLTnD_PcB67JvMf4tnldhaXM
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0E89 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame A09B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1764987535653635&bg=!OzilOHzNAAZKWFskSlg7ACkAdvg8WgocIxFDT71KpepoAKxDOtu3ejip5x5xDMK_leUp5IT946GcbQIAAAEjUgAAAChoAQcKAMZHPEXvTVAbxNCkoD2fUrqh-xDzhG6NyHpTKJTd8ei4TguS-dDZBnMtzT1P2iprPZIwP6KEjgnJzR7basv11dd9hjR7ibYy37CDKWdULlzHSCw9AYexe92rkEMBkbSOsxPnmvP34slsrq3hXYE3R05b3YbFPxF4-1as-gIwlU_ndUJ3pUCVrw4zRyA0AfJ0IT0G_cQsDR0a6jcx3VCEylbcDaa7obCqTxCa58Im6Xe_Kwbrmx8i8BaWarf9BxYx9qN1kq-GzzSZAtHTFsr9WZcwuhedKvxuxTDN7qxbYkon51Gap4vNDsz40oh3dj6kNpwWV09D9ogWJ0CFvMhzYyl0EvknMqbn-shd4Zk5zNqnpAMKNJlzHvgv-eB0IVc8zNBrwecmn5ksZbBVqPHlshHLGLlS5HEJhtlG8xZ9Hj8_7VYlnlhD9j9dkputwPPRwp5vz02YNzyIe3qXt5FhXK0Gtq9pV-uFAS3fS244EhJmVoVW4Zb6T6NERGY8Eg6TNpxdXRXFIpqPB3DW-mr02kxdkicDP8yY7ACYTupxdOwi1oYpqOJCS6_ZWzXbpvgi484qQbmZFY9cGzUPkRwRFlCRDjn_i40XhkYtjKyZa_x0841KA-mYOq5XXLpKybPgHyYIBtTK9Q5LOh0t1OV-3qK9lVqO3BJ-Wol1p6bTMHDnxXDBE8lphy0ARr3EP36jEqPaRiKjm_GJoLbEBJ0fT2FVvw8-PGCCQdIEXUiQW_GIkpSzf25Pyd6EymO3VSeixDulh3Adkq6WfflD8mJVCDsjH8rHSGTLUV7oXU-G2Abam8DAOzeMYfuyjm9eMTkxsTwJTS_XYX7qNNOtaVJHOgUaTxajh4I3oKc9fANd4qwRxSQcHDkddroUJzIJdh_e54Lvwhe8MoR9K-1hr5_Y0puRwOf2pH9UZ8C5yJLP_8i-SfHyq0zfn0jEI-7fhlnyD7o9mcvRsNA9lQ35r26npCM0F3IC_yPJh2ytxfHV4U4d9fHeRM33jufvoFqTXCFgxS4-Vnmb_I0MbCH81sZ3agSWSBHT2S34_8rqQWF2MmF6gobcb94pHTUsVg81lWyw7VMNpTWPkYv3devWJ2uoCyCtuwJTD2Lxo4dYslP0Px2KDhmKfMhK3TzqR_Sf6DgyD50lHRiviB1WrUtIyeeyforkSxII8IftUI_nG8MSs9wsnm9u-43GO5aC1GH6Xicg4KK5JntUB2s9Hg1j
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D34C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:53 GMT
399302.js
a.th.giraff.io/data/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399302.js?json=1&async=1&cs=utf-8&rand=0.6064953479213027&num=2&as=2333851%3A825864%3A2333852&nodupes=1&callback=callback5183068491162894
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
949c6914915173257f9c5577d309cba426b296bdda5a2be2c4341e1cb961ff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1192596233980482&bg=!c3ClcDTNAAZKWFskSlg7ACkAdvg8WseyG9n-KgfTBLXAUQkCM56G_Z0cwmRB_RHLI8Th9sMj4YIwnAIAAAEGUgAAACloAQeZAtG9pIX42Zr5WFMYrUeceWDf3h5euztJ8xYJdIUN_12tTNWL-BbSeecmvQF7POIyDcNmT5cB2bjXbB-bkhR9Ma5UmPOJcpcjn0ZAuX5gKjl_Tinbf4pTzFRM5NorjDdhUL0DS-y-nv29SV3xOiH72fFm_YXzLE2YqcNLy0xGhVTxaJd_1fVecH4F16dFJHYrSoJuan6AV3P5_qzRrUs6AhgOEjNCtYy80gmdwRUAjJKzSy9Eoq380uw0PNvHH4CDLiGWuOwjN0TdGmjD9Q7E0rUf0tb4qcYnDia6R9_NOlB4jj-gSxWVy2ro2KxgswOus79n0lNGj0At3DoHZq1oVQujhZPobJGAMLOXxHwlA-Yw0kg1HLJdJSKcQJ0csqc25ka5qybgnv8s33gGKxCwADv2qL7X7KSGwzimZzchDcECCh-3JzYEdt0p_GaF8gBaWuzC81_pXMVZhlYvaNoC546BeZeqe13wAeWQ-8CEOs4OJy6V7uuaEEZ1qKbEH3kLKjEQHGYzywlcz0t1TnCFKN-1So8T5DjB3gBg4oEJ3Kdgbix-NMdA-3TQl6KVXWUEZz40tv_Rue0c_4mhzMMDy13I_A8dU-q1JV9fdxtOdwEzFMOscmMSrgkei_olGStL8SkeYHd0c4CLANJrvbcx-zCepKKKWKFYDZxIfSQSfKuXHcMYY7djpyVjqWGbsPwqLHXFNyUMYOqcx6GEX832o0QIYaibkKyG71-KOabFdLF-OaZ9ggAvjedw_LGbC5I6FaZj--ojb3ZjFYp8NZ8ixWvKsI2oMCnYN9thzjlgH_twxUgh_CuriuGeGkjuxHm-YwHWOTyrlOK7JT7w14qo8zTytDYvx_eirQKk87aO48E34q6m0UQLqkFPX2NOi5LhC99OdM9PpMUmo0MPOXnAr3c8zb1wxc8FFpd7iqkWrFxG2MJjioDuN9BNg13rom4bOXsU
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 72CB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3rOPFYvJYc2mA_Xa7_UP7dG1mAsAAAAAOAHgBAI&bg=!enmleT3NAAZKWFskSlg7ACkAdvg8WvTUISRe0fq3uvTZLKaozLnkK-Vwsl2FRagTCRFesbeyn9xUIQIAAABhUgAAAAloAQeZAx9wWNuVxXmaQK_aM6uo-zHUza5ngETRPvdNEUGf3-5vrihSVoLeU4A9Qr1bpIZetn45aAgO1NAz2CjzGyPUuC7Fp8aRRs0riqrJzEGGvLbcxyBMNhUY764Ma72nPI04X7NKZyo9pcU4sgJzRcvlaVrzVfbvM5yGI0oEF264IAJUySCWV6m2X78elpkXYGyW2LOZbWbG3id7P5HZJ6jTTmm23OFZH-nt3KH7_Ce9T8QoV_yHCg7OtjosbX_P7F6byFgQCU2o6S0_OwhlMv32n5MhID2IW7LaMWZrZr8pQy22opdOgMXxLw-jB00Wuf521QinVom2wmglKVnhFPLtNK5cO0GAsc6GEpQd-vDbje5Li09sTK1FqExQ_LnwbEs7299tk_rinxg78lvPGLC2eRhANwdNivUWjzJH2TSyFS0bKsRaf3FIXbOVmD-r_mMxJoRVjwOnXXE9evYxRLjp3RvafskGxjdgl_Xnj5tGrgwx1RfXQ9RiK2CmmmijZwkHZi4U17d5BGVdpFxh7LhElj10ghfmuC0skFC1fbpGFHAmJheQe_vzlOkGfvMx_v0YyvPv7knRzdGkAtswBPY89-KVloAbfSaW-IvewFWUAbESXMNdrR0xS5leGMbvQGR-zinPBl0E7sjcPJoUAebcHhccSoN-CN8EEp8oOtwLy-uDBhlBxBuSc_yeeh102742dDRWCoPq8mrxIV6MGewkzIne29TXAFuirPxh85FWh_V-RDquqyUtJjJDVOBgECMKfYE9EKgxsh3FlHdFX6_rY-hazhhb6QqjwR4GVpi1DA8Kzb1TRzPhBq0Q7ESlk4r-wP96QPq-vsj5_Id0iK7noDtEp5xBYKba4lWrKZymH-aDtM_55DwD26p4dWMv9EHgx7JRGQWpXRN2SvRdvXvmt4enO1OIEiwfOKucTvaBjVdRG8l2CUMCUT7sSDpf6Uuzyxml6Nq6AMD3JvlpObuKjf-ifoCBUHYNVIu0zR9HyudklXNUH_mui5AFQGZALPPeq0ZDh_fKEAuJbeXx87sro1hQapxTB7upJdFQzgqWIAMe
Requested by
Host: 05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
URL: https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 8C22 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FB1A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyvvH0dY8yvn60WNNEIu413SNvrM_C5y6OvfhFLNZc1bAxN11QGCdkflp-W6xV9SPoHdO7FwF6SOsP3a74aNxTS5pkgbgkASDI-ND21vsZQa_ZoAt9&sig=Cg0ArKJSzH3l93qBi25qEAE&id=lidar2&mcvt=1000&p=369,315,619,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3467923295&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640598292141&rpt=574&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BB4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD4EJ0CuTcfSw9jsk8dCkdGgFjiTGxmWBu6UVQMSE4GVsq2HWl3OzWB7stsGgNPCVML83O_6ciDzpViPg95j7WHb6j4cyyZtXqKIWp5UyHm25hSUsE&sig=Cg0ArKJSzKwKHDyyKZsqEAE&id=lidar2&mcvt=1015&p=979,1069,1229,1369&mtos=0,1015,1015,1015,1015&tos=0,1015,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.88&app=0&itpl=19&adk=2532747384&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640598292108&rpt=640&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8AAB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVtVbvH3__qJRdv6Ve1ZtIAB7P4ctJQXnUV08utUWKNF7x2Zq6um2tXPTAa8OUg-P6sCEY_Z_ZRUS7ab5avcP5bP2osB4amPp0xl0N-DxwWfXf_XlZ&sig=Cg0ArKJSzLiOoaW-yDj3EAE&id=lidar2&mcvt=1005&p=651,1069,901,1369&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2321400244&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640598292101&rpt=656&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
399303.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399303.js?json=1&async=1&cs=utf-8&rand=0.06222840869514923&num=1&as=2339333%3A2337298%3A2338360&callback=callback8732313966588356
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
88d92542e5ecd41c5fdefc7a0ea66b7123693b0bdfa3d903d8269b48a2c42f72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2146993.jpg
cdn.th.giraff.io/cdn/images/380x200/93/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/93/2146993.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb07e9e5639b5445c77e099a1f37571940ada0fb74d1ebaf4096b5c57483b109

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
354399
cf-polished
degrade=85, origSize=49946, status=webp_bigger
access-control-max-age
1728000
content-length
23441
last-modified
Thu, 23 Dec 2021 07:18:06 GMT
server
cloudflare
etag
"61c422ae-c31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 22 Jan 2022 07:18:13 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce85c404dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2152511.jpg
cdn.th.giraff.io/cdn/images/380x200/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/11/2152511.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511f66a6f6bdeb8820fc0bae3f192fdae260cebd0891d040c987efd99ef61614

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
92439
cf-polished
qual=85, origFmt=jpeg, origSize=32863
access-control-max-age
1728000
content-disposition
inline; filename="2152511.webp"
content-length
13210
last-modified
Sun, 26 Dec 2021 08:04:05 GMT
server
cloudflare
etag
"61c821f5-805f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 25 Jan 2022 08:04:14 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce85c424dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
1455929.jpg
cdn.th.giraff.io/cdn/images/380x200/29/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/29/1455929.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404f42ae279dcffa3ef65f687d411673a95cce468e6c549e7074ed3da19d6fed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:53 GMT
cf-cache-status
HIT
age
548978
cf-polished
qual=85, origFmt=jpeg, origSize=31949
access-control-max-age
1728000
content-disposition
inline; filename="1455929.webp"
content-length
13396
last-modified
Wed, 24 Nov 2021 08:15:26 GMT
server
cloudflare
etag
"619df49e-7ccd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 01:15:14 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419ce85c444dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
399305.js
a.th.giraff.io/data/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.th.giraff.io/data/399305.js?json=1&async=1&cs=utf-8&rand=0.6507521051874909&num=1&as=2333851%3A825864%3A2333852%3A2333850%3A865480&nodupes=1&callback=callback5631307509899051
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.249.95 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
94b12a097338de3246f688d75309a4b200d48e26df4ab22483911bef2032f81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
truncated
/ Frame F52C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
839e3b9daf0228054a56817e726a0658f7c19756234abaa5a0b97ea8a277ae20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FFAE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f6674f9a2dcdaae3d615af0f9617b573b7beddb88ee24a07df938d3e5eb28cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9143 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
138d03a43264439bdfccf902aecdaee7fe839f8f65e072bdf8e45e0e8ecc5b0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/Bitmap1.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9143 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlr_JtPbrT2DpgXVlUpYmeNtgOQaMSdgM86Q7R9eujo4ZzPmhlvN0o5R3EP-aXtczJX7bAqTdklYdEdAf0p1AIglvoDEQw62KwGY-L88h3psni_uTrrAc_hIRjqw4E1dieDiMZzYkAekhlh7QQDE1qHgsakGr4SHNLFlam16olQT661i-XCbARReDWZrhBfVGiiXyLqIVmfos1mZ_mVatkWyJ0IPv4e9BZvkODVB0CuslBYTIAc5tM_GkmkKCa9eaTIPS4RQAj9zyZ_cSyJ9Y5Qi458z14CzkkRgW-YPYQ-hqOFmIx5ISH&sig=Cg0ArKJSzE4CbdaGnSWuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 27 Dec 2021 09:44:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB1A 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f818d37ba66a957b10e4f3dd7c5c9189ceaa99937475de3d7e97614b6962e4fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4449
x-xss-protection
0
was.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		972 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/was.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0862513e7c847a6487e4ff4a2a0d1feb58e0a36a5f672ea5b21cf3631cfc27c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 23:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
561
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Dec 2022 23:11:13 GMT
warum_1.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		1 KB
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/warum_1.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e4a17bf23eb75c1ff0f5483f9e75e9218dbe95493507d18e4490c4528bf4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 09:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
615
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 09:09:23 GMT
subline_1.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/subline_1.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e65d25932a866d804988826780a17df320341cad0ebc8d3343dcc377d898ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 09:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1692
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 09:09:23 GMT
subline_2.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/subline_2.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e65d25932a866d804988826780a17df320341cad0ebc8d3343dcc377d898ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 09:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344890
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1692
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 09:56:44 GMT
sub_subline_1.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/sub_subline_1.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02b98b8a11e5d0d8b323dce4836da64eaa7f29d389bee5869533f77a9307c126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 09:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1320
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 09:09:23 GMT
background_300x250_cropped.png
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/background_300x250_cropped.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f846924cbc653b38c5c49593ed92ecb1a7f970260d0555e118abad34a9d7baa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 26 Dec 2021 23:09:26 GMT
x-content-type-options
nosniff
age
38128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11766
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 26 Dec 2022 23:09:26 GMT
wie.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		1 KB
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/wie.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b172170d3693be36ef9e26b114b5d832025ec166f82d6cbc35503ed7a95540c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 16:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
667
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Dec 2022 16:52:23 GMT
wer.svg
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		712 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/wer.svg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ddf78616045a229cd5f4b5039b748f07ab4a549f0ec0da4603d430c58e7f6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 09:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261331
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
442
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 09:09:23 GMT
background_300x250.png
s0.2mdn.net/sadbundle/16295760157796596315/ Frame D34C 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16295760157796596315/background_300x250.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0f9c8984cd6d2bc35b1a68644f350c4daa6f3e3b8a4b3db0cd98f8760722fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16295760157796596315/index.html?e=69&leftOffset=0&topOffset=0&c=ficEKN7EJ0&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 09:09:22 GMT
x-content-type-options
nosniff
age
261332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47606
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 11:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 09:09:22 GMT
JP_Logo.png
s0.2mdn.net/sadbundle/9968920053668752910/ Frame 3600 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9968920053668752910/JP_Logo.png
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a282f20f977d4b93f4600c886b7a894eb310a017be4a1c729b4c313993b1c3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 23:01:19 GMT
x-content-type-options
nosniff
age
297815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7858
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:07:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Dec 2022 23:01:19 GMT
1image_hor_800x400_03.jpg_1637765016113_1image_hor_800x400_03.jpg
s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/ Frame 3600 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/1image_hor_800x400_03.jpg_1637765016113_1image_hor_800x400_03.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b097c625dd5f10b0e4a4fe8c714e7ed4922039bafeaa8414e95dd310b5296de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 21:18:59 GMT
x-content-type-options
nosniff
age
303955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94507
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 14:43:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 21:18:59 GMT
1image_vert_300x600_03.jpg_1639479787064_1image_vert_300x600_03.jpg
s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/ Frame 3600 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/1image_vert_300x600_03.jpg_1639479787064_1image_vert_300x600_03.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c240f4861a84bffe7f357f4044490eb53177de8cd286f66006bbf5c33e6850b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 14:32:13 GMT
x-content-type-options
nosniff
age
501161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56856
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 11:03:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 14:32:13 GMT
1image_square_350x350_03.jpg_1637765016113_1image_square_350x350_03.jpg
s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/ Frame 3600 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10901433/images.ullapopken.de/cms/alle/ads/1image_square_350x350_03.jpg_1637765016113_1image_square_350x350_03.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2e42642ecd44ab01fde95f4b9af933cb31292f53f821d678d8342156a1f5d8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9968920053668752910/index.html?e=69&leftOffset=0&topOffset=0&c=CWmnKkk5oM&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 21:18:59 GMT
x-content-type-options
nosniff
age
303955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45654
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 14:43:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 21:18:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB1A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 27 Dec 2021 09:44:54 GMT
2154476.jpg
cdn.th.giraff.io/cdn/images/380x200/76/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/76/2154476.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b49ae570e5156432e6d8cb4d85fa6a760118fc3231544745837680ca13c8dc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
cf-cache-status
HIT
age
2375
cf-polished
qual=85, origFmt=jpeg, origSize=28040
access-control-max-age
1728000
content-disposition
inline; filename="2154476.webp"
content-length
11534
last-modified
Mon, 27 Dec 2021 09:05:07 GMT
server
cloudflare
etag
"61c981c3-6d88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 26 Jan 2022 09:05:19 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419cea8fce4dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
1455884.jpg
cdn.th.giraff.io/cdn/images/380x200/84/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/84/1455884.jpg
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd292048cc9b293927a7e04df5028ed692f97e3dc5d664a1e979083fb63ee3ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
cf-cache-status
HIT
age
1158278
cf-polished
degrade=85, origSize=45628, status=webp_bigger
access-control-max-age
1728000
content-length
20118
last-modified
Wed, 24 Nov 2021 14:20:13 GMT
server
cloudflare
etag
"619e4a1d-b23c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jan 2022 00:00:16 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6c419cea8fcf4dbe-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
v2_kapookcom
data.th.giraff.io/hit/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.th.giraff.io/hit/v2_kapookcom?u=https%3A%2F%2Fhealth.kapook.com%2Fview63418.html&tag=pv_rv&tag=pv_ae&tag=ws_rv_1&tag=ws_ae_1&tag=ws_rv_2&tag=ws_ae_2&tag=ws_rv_3&tag=ws_ae_3&tag=ws_ae_4&tag=ws_rv_4&ht=2616&rand=0.5368849711972155
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
101.32.249.128 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://health.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
wl
t.pubmatic.com/ 		17 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=156743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://health.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:54 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://health.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
button.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/button.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:54 GMT
customer.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/customer.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:54 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame D774 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 25 Dec 2021 15:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
152208
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Dec 2022 15:28:06 GMT
free.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/free.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:54 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m1.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F52C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswQM6xdic6GN8rdMZkp5HFuqHvdDzqciUW2tP-cX24APo1ws4R1sr0qChYulboH21aiF-9wzMfOPdz2NORlBM6Y_zdtAHSEJ0lZ0nW&sai=AMfl-YSXvPhgtQ4pOpXGvpSdLo1ZA7umuoGmL8_-EcMJVbMzNAP-1CXCITGZuwIC0DTAJ8SODPON4CykfhwTQ9caZZzPCaxLH38V3HtDR80Av48XuK2OPHjNwDO6pwLw&sig=Cg0ArKJSzDAcehF6XBP6EAE&cid=CAASEuRo1y1nB4jKIi8LjPNb5BV2Lw&id=lidar2&mcvt=1002&p=979,1069,1229,1369&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&app=0&itpl=20&adk=1439381921&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640598292915&rpt=1112&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m2.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FB1A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMpzjQHfA2ucb4yhq9ouop53MwRJMH4KnlN8P_kyfk_8xo6O2N7hkSxfNpUoK81N7ktfpvDR-2gnyoQ2fX6kNukE5d30ZqUOs&sig=Cg0ArKJSzL69c5Gf7BWBEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640598292141&rpt=1940&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Dec 2021 09:44:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m3.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:55 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m4.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:55 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/money.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:55 GMT
t1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t1.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:55 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t2.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:56 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:56 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 9143 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t3.png?1593426663506
Requested by
Host: health.kapook.com
URL: https://health.kapook.com/view63418.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://health.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 09:44:56 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Mon, 03 Jan 2022 09:44:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.thaibuffer.com
URL
https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_5.jpg
Domain
img.thaibuffer.com
URL
https://img.thaibuffer.com/u/2015/wanchalerm/Health_08_58/Cashew_4.jpg
Domain
pix.cookiepix.com
URL
https://pix.cookiepix.com/cookieSync.png?1640598293

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| $ function| jQuery object| PWT object| googletag object| slot1 object| interstitialSlot function| fbq function| _fbq string| WDMObject function| cpe string| GoogleAnalyticsObject function| ga function| skin2vdo function| close_skin string| page string| current_cat object| bluebillywig object| FB function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| cpeclient function| triggerEventOnJQueryObject function| triggerEventOnParentById function| setAttributeOnParentById function| bbExecuteJavascript function| onYouTubeIframeAPIReady function| webpackJsonpBbSkin function| setImmediate function| clearImmediate function| Swiper object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| ggeac object| google_js_reporting_queue object| tmpHead function| head number| CONTENT_ID string| SUBDOMAIN function| GET_CATEID number| contentType string| mytheme object| myarr function| getYoutubeID object| list_oembed2 number| total number| count_box number| varCounter number| interval_id function| varName object| __s object| instgrm function| getCookie string| dmpUserMaping_id object| innityDataLayer string| url_stag string| url_ctag function| loadCss function| cb string| template string| template_new string| template_compound string| template_compound_new string| template_compound_new_z2 string| template_compound_new_z3 number| cp_count function| tag_singe string| url_get_tag_info function| setsticky function| setrelative function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| lazyLoadInstance function| cpeAsyncInit object| lazySizes object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_16211 function| processGoogleToken object| googleToken object| googleIMState object| google_tag_manager object| google_optimize object| innitytagmgr boolean| bG56d8ee121c51b14f6e964404 object| _innityq function| cpeapp boolean| bG5f47736a47e7049801000002 object| _innity_wtl object| _innityoq object| V object| _iampt number| dz undefined| google_measure_js_timing object| google_reactive_ads_global_state object| closure_lm_86012 object| skrollr object| _data object| file_dependency object| file_dependency_extend function| lead string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc string| _norec undefined| stat_frm string| truehitsurl object| ga1 number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page number| __thflag string| udf string| arg string| _narg string| rf string| truehitsurl_top string| th_rand object| truehits_div undefined| th_img undefined| th_link object| angular number| google_unique_id object| s undefined| menuStatus undefined| menuslide undefined| loginStatus undefined| loginslide undefined| loginnow undefined| loginnows undefined| jQuery191009557656105230894_1640598290415 boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget function| cbGeo650862430 object| closure_lm_849971 object| msgData string| domain string| prefix_url object| app function| jsonp_callback function| clip_callback function| article_callback function| photo_callback function| parseURL function| whenerr function| varidateemail function| market_edit_button string| base_dir string| base_tpl string| member_logout string| member_login undefined| _grf_9523081742157442 undefined| VK undefined| ODKL string| u object| dp object| ampInaboxIframes object| ampInaboxPendingMessages function| callback776814357624382 function| callback784677183778554 function| callback7063650689941026 function| callback2508316080233943 function| callback771721538809873 function| callback5183068491162894 function| callback8732313966588356 function| callback5631307509899051

101 Cookies

Domain/Path Name / Value
health.kapook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kapook.com/ Name: pbjs-pubCommonId
Value: 5a8566b8-34fe-407c-9031-00e58534cb6d
health.kapook.com/ Name: uuid
Value: DE5E8FC8-6F64-4AEE-A2A9-64363C6CD89C
.kapook.com/ Name: _ga
Value: GA1.2.1043213445.1640598291
.kapook.com/ Name: _gid
Value: GA1.2.1326059944.1640598291
.kapook.com/ Name: _fbp
Value: fb.1.1640598290946.731012111
health.kapook.com/ Name: cto_bidid
Value: cELurV80ZURJTm10S1lLd3lYVmdtMTBiSGxzUzVUJTJCZVFzOVVyZzJYeXdIcXZQdGI1VXhEOFZMTSUyQkplSyUyQkslMkIyVVZHT25rbTB3TmNwZ0RSeDdXdGklMkYyRzhwc0ElM0QlM0Q
health.kapook.com/ Name: cto_bundle
Value: QVbHil9BNmNnZjhZMHBPZXI4UyUyQnJmZDEwQ3VFWUhQdCUyRjFlbGlSOHdUMzdPREoyc0dvQkY5TnYlMkJtcGZxJTJGdUhSV1QyRlNyY0clMkJDM2V3amRlSEZFSDM3cWdnTEsyY2h5S1MxMWM1TllvZFdtNnJ4OXBOTEd3JTJCNE5nOW5RWVhFeGQ2T1VicQ
.kapook.com/ Name: _gat
Value: 1
.health.kapook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.delivery.adnuntius.com/ Name: usi
Value: yyq8!7d0e8654727e1cfa7ab8f5723ea2a642
.delivery.adnuntius.com/ Name: sessionId
Value: 5d34cb58675497a26a3779c82c677ae0
.truehits.in.th/ Name: ck3rdparty
Value: 1
.kapook.com/ Name: _cbclose
Value: 1
.kapook.com/ Name: _cbclose53935
Value: 1
.kapook.com/ Name: _uid53935
Value: 384A2926.1
.kapook.com/ Name: _ctout53935
Value: 1
health.kapook.com/ Name: verify
Value: test
.truehits.in.th/ Name: truehitsid
Value: booWfs5f
health.kapook.com/ Name: _grf_vis
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6FA943A8-012F-41DF-84A6-FD240F687AF4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1641772800%3A201_197_219%7C1640649600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1641772800%3A13_56_71_22_55_166_81_7_3_220_54_21_161_8%7C1641859200%3A35%7C1643155200%3A203%7C1641427200%3A63%7C1641168000%3A15_2_223
.adfarm1.adition.com/ Name: UserID1
Value: 7046316005730613399
.mathtag.com/ Name: uuid
Value: 247f61c9-8b13-4700-8ff2-fb250daebef3
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 4007992267938059231
.simpli.fi/ Name: suid
Value: A6944F87821947B1BB49BB4397B74640
.onaudience.com/ Name: cookie
Value: 58ee53e899f76d95
.onaudience.com/ Name: done_redirects219
Value: 1
.adform.net/ Name: uid
Value: 9104460859100794455
.de17a.com/ Name: guid2
Value: 1.6806502886808422361
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7046316005730613399
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ac2961c9-8b13-4b00-b479-10f6ce151738&KRTB&16736-uid:ac2961c9-8b13-4b00-b479-10f6ce151738&KRTB&23019-uid:ac2961c9-8b13-4b00-b479-10f6ce151738&KRTB&23114-uid:ac2961c9-8b13-4b00-b479-10f6ce151738
.adsrvr.org/ Name: TDID
Value: 9373be2f-47c4-4142-b075-2ff4325d5c74
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9104460859100794455&KRTB&23263-9104460859100794455
.zeotap.com/ Name: zc
Value: cabb4e2f-3e25-43f3-6698-f1fda54dbe50
.zeotap.com/ Name: zsc
Value: %10%D6%3E%7D%EB%24x%7F%E6%7D%2F%CE%F73%80%FFj%AA%D0Q%2Bq%C0P%D9X%28mNuM%5C%9A%EAt%EAG%ACM%9B%D0q%8A%88f%E5%D7%0E%5Ev%9A%06%84%94wi%B5w%EA%1D%0F%90%ED%1FlnY%D986%C1%E58%1B%F9%9Fm%ED+%CB%DE%BD%99
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YcmLEwABBZ0vgwAF
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~22bl
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi0ub__8cmkOhAFGAUgASgCMgsIwvuzrIjKpDoQBTgB
.quantserve.com/ Name: d
Value: EOIBCwGHJfijAA
.quantserve.com/ Name: mc
Value: 61c98b13-b768f-95445-d4816
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6806502886808422361
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4007992267938059231
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YcmLEwABBZ0vgwAF&KRTB&22978-YcmLEwABBZ0vgwAF&KRTB&23194-YcmLEwABBZ0vgwAF&KRTB&23209-YcmLEwABBZ0vgwAF
.bidr.io/ Name: bito
Value: AACahk7DkxYAAD9sv82YbQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-9373be2f-47c4-4142-b075-2ff4325d5c74&KRTB&22918-9373be2f-47c4-4142-b075-2ff4325d5c74&KRTB&23031-9373be2f-47c4-4142-b075-2ff4325d5c74
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6&KRTB&19420-MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6&KRTB&22979-MW9q7z88OOUqPD7gPzgk7zJqPeMqOj3uNmjU6XC6
.bidswitch.net/ Name: tuuid
Value: 55d6a8b8-5b26-4d25-8617-47a0bc7ba20d
.bidswitch.net/ Name: c
Value: 1640598291
.bidswitch.net/ Name: tuuid_lu
Value: 1640598291
.rqtrk.eu/ Name: browser_id
Value: 1:53e8ce59-b850-4563-972c-5892eda791a9
.kapook.com/ Name: ka_iid
Value: TqoruDwzBZ6cuiSFPj8eq9
.kapook.com/ Name: ka_sid
Value: VPQ3yjQMuwkNDtvGPZ1iDq
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-55d6a8b8-5b26-4d25-8617-47a0bc7ba20d
.doubleclick.net/ Name: IDE
Value: AHWqTUkbPe7PXSINlwTUbm3M-kYMmMkuN-WhOREhYfdn5A5lOdXcaKonKAoCuEllClk
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOj1atFnBzZsfLqGqKrmHic&KRTB&16514-CAESEOj1atFnBzZsfLqGqKrmHic&KRTB&23025-CAESEOj1atFnBzZsfLqGqKrmHic
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.innity.com/ Name: iUUID
Value: d9006bf1af8db163b28decfd7f7d0c81
.kapook.com/ Name: iUUID
Value: d9006bf1af8db163b28decfd7f7d0c81
.kapook.com/ Name: innity.dmp.143.sess
Value: 1.1640598291965.1640598291965.1640598291965
.kapook.com/ Name: innity.dmp.143.sess.id
Value: 207372294.143.1640598291965
.kapook.com/ Name: innity.dmp.cks.innity
Value: 1
.vk.com/ Name: remixlang
Value: 6
.turn.com/ Name: uid
Value: 3132789014598353078
.th.giraff.io/ Name: gid
Value: rBYAEWHJixSQWkECaMQzAg==
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3132789014598353078
.pubmatic.com/ Name: PugT
Value: 1640598292
avd.innity.com/ Name: geo
Value: EU%3BGermany%3BDE%3B%3B%3B
health.kapook.com/ Name: _grf_uid
Value: 942483595
health.kapook.com/ Name: _grf_cm
Value: 1
.rubiconproject.com/ Name: rsid
Value: 1|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxptHvrzPAh1r4P5O2ziQ6qdYLyMi4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxgmzGqqEKVXU66THvScWV7/AA==
.pubmatic.com/ Name: pp
Value: 156743
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.rubiconproject.com/ Name: khaos
Value: KXOHV40J-W-FA0X
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2BQNLGRjMZXz5APvdogVCbaTd6KyMQnat7y9GyzaExIXiGlUplgapnuu2I2JXgkPxcwU9v3Cm//uCAnekPgJibxpTpySnG5S3QD5U7tEfUTQ==
.uuidksinc.net/ Name: jcsuuid
Value: r4SJOGq79OeLrwIeLCnZ
.mathtag.com/ Name: mt_mop
Value: 9:1640598292
health.kapook.com/ Name: _lr_retry_request
Value: true
health.kapook.com/ Name: _lr_env_src_ats
Value: false
health.kapook.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222021-12-27T09%3A44%3A52.633082Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
health.kapook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%229373be2f-47c4-4142-b075-2ff4325d5c74%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-27T09%3A44%3A52%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBBOLyWECELmMlkNGMwtvKqQd4NagNsEFEgEBAQHcymHTYQAAAAAA_eMAAA&S=AQAAAgDx1SByG98eXl659JyD6q0
.th.giraff.io/ Name: nid
Value: F2r5X2HJixRiah5WA7wtAg==
.adsby.bidtheatre.com/ Name: __kuid
Value: b80a511a-0040-44b9-ada9-0c2dff75518e.409812292
.yieldlab.net/ Name: id
Value: 52086700-df75-418d-96cc-b5c4d8183bf5
.kapook.com/ Name: panoramaId_expiry
Value: 1640684692698
.doubleclick.net/ Name: DSID
Value: NO_DATA
.kapook.com/ Name: __gads
Value: ID=8e9e60030b5ae022:T=1640598291:S=ALNI_MZgyRMgfcYoZZzV_l8-80RY5X8Awg
.casalemedia.com/ Name: CMID
Value: YcmLFTkXu3avWCJj23WvqwAA
.casalemedia.com/ Name: CMPS
Value: 3269
.casalemedia.com/ Name: CMPRO
Value: 1192
.casalemedia.com/ Name: CMST
Value: YcmLFWHJixUA
.casalemedia.com/ Name: CMRUM3
Value: 2d61c98b152760CAESEIN4GV2g5ixlbc-knrpX1kc
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU#h)cVW!]tbPl1M>e)ZlrFUfJ+tGXxoeIlXu0B15(PFo.vET(MCwL>['hQ<:ZXgTOo>*bpRz*qF1`*b^k()qxCX
.pubmatic.com/ Name: SPugT
Value: 1640598293
.a.th.giraff.io/ Name: s
Value: 865481:2333851:825864:2333852:2333850:865480

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.bluebillywig.com/apps/player/20211213.122749/player.js(Line 25)
Message:
The keyword 'slider-vertical' specified to an 'appearance' property is not standardized. It will be removed in the future.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05335802ee3b599f795cfe645bf20fff.safeframe.googlesyndication.com
a.giraff.io
a.th.giraff.io
a720579e6a80717fd9c2b7a1a4d8f38d.safeframe.googlesyndication.com
ad.turn.com
ad.yieldlab.net
ads.pubmatic.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
af7e836a5554cbf75658bf9df3082246.safeframe.googlesyndication.com
aktrack.pubmatic.com
api-center.kapook.com
api.dmcdn.net
api.pxl.dailymotion.com
api.rlcdn.com
avd.innity.com
avd.innity.net
beacon-fra2.rubiconproject.com
c1.adform.net
cacheportal.kapook.com
cdd4c39bf83343b0a57879b3c124727d.safeframe.googlesyndication.com
cdn.bluebillywig.com
cdn.jsdelivr.net
cdn.th.giraff.io
cdn.thelead.tech
cm.adform.net
cm.g.doubleclick.net
cms.kapook.com
code.createjs.com
code.th.giraff.io
connect.facebook.net
connect.ok.ru
connect.thelead.tech
csi.gstatic.com
d5p.de17a.com
data.th.giraff.io
delivery.adnuntius.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hbopenbid.pubmatic.com
health.kapook.com
i.kapook.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.thaibuffer.com
lvs.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
my.kapook.com
pagead2.googlesyndication.com
pebed.dm-event.net
pix.cookiepix.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
pubmatic.mainroll.com
rtb-csync.smartadserver.com
rtb.com.ru
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
smarttag.rubiconproject.com
spl.zeotap.com
ssl-avd.innity.net
ssp.adriver.ru
stat.media
stats.g.doubleclick.net
stats.mainroll.com
sync-tm.everesttech.net
sync.mathtag.com
t.pubmatic.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
vid.pubmatic.com
vk.com
vpaid.pubmatic.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.kapook.com
x.bidswitch.net
img.thaibuffer.com
pix.cookiepix.com
101.32.249.128
104.109.78.125
104.111.218.85
104.111.224.62
119.81.192.134
13.35.253.128
13.35.253.61
142.250.185.66
142.250.186.162
142.250.74.194
15.197.193.217
151.101.2.49
169.50.137.182
178.250.0.157
178.250.0.163
178.62.202.251
178.79.242.16
18.185.209.98
185.29.134.248
185.33.220.241
185.64.189.110
185.64.189.111
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.82
185.86.138.142
188.65.124.59
188.65.124.90
195.161.16.148
198.47.127.20
2.18.233.180
2.18.234.21
2.19.35.65
2001:4860:4802:32::3
202.183.165.226
203.154.91.10
213.155.156.165
217.20.155.208
23.106.249.95
2600:9000:214f:e400:1d:47ad:2280:93a1
2602:803:c004:200::141
2602:803:c004:200::152
2606:4700:10::6816:1957
2606:4700:10::6816:4f7b
2606:4700::6810:5914
2620:112:f002:bbbb::21
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
27.254.43.241
27.254.43.242
27.254.43.243
27.254.43.248
2a00:1288:80:800::7000
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:1::13
2a02:26f0:6c00::210:ba1a
2a02:fa8:8806:12::1370
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81e5:face:b00c:0:4420
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1
3.126.56.137
31.220.27.134
34.120.133.55
35.244.174.68
37.157.4.28
37.157.4.29
46.161.36.23
51.210.112.236
51.75.146.161
51.89.21.5
54.77.6.213
63.35.242.195
66.155.71.149
69.173.144.138
69.173.144.139
81.222.128.215
83.222.114.188
85.114.159.118
85.202.161.2
87.240.137.158
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
00fcdea81e1a3414c3d33d869bde8a16a3701e8b3587fcfebf473753daacf14d
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
02727528cd686f9059616eed5d2510eb94d074c07456c7c8bf46b188c34eca85
02b98b8a11e5d0d8b323dce4836da64eaa7f29d389bee5869533f77a9307c126
03fdb437d88cfdd13108407879e64b7d699271c1e0b9494600f91701d150be22
05b0bd352920171fb7cefb5bea7991c3733ab1e673f0e5366a4c593c0e7937c8
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0a8e0b01e7137784e1584c6889c2f0fc5fbbd38080956af70aec4d89d739e6c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
0d0f9c8984cd6d2bc35b1a68644f350c4daa6f3e3b8a4b3db0cd98f8760722fc
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d9f0cf2ac917bd1438ee7ca79f1c6c006e20884bfcab074419478f4d5ced17c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138d03a43264439bdfccf902aecdaee7fe839f8f65e072bdf8e45e0e8ecc5b0c
149e9bd34f85ad002264809c5582f3c011980007dfe6ecb03860f2ef6e051b49
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1c240f4861a84bffe7f357f4044490eb53177de8cd286f66006bbf5c33e6850b
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
1c48fe07be0bfc19f65b14fe76c920973385e52f7f797ab02abf7710c01f3b43
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
20bc0b78bc2101c3249cebba7cec22169d5d3aaa382de111a7db4ba807bb88b5
21bc81ba1f16ebcbc9888677d7b8bd02a1807d15d3c9391617c9aa4c00c28026
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f
242590be73558b8c7d598891c9616b9ee13c00bf9e79e55e087e986699688e6e
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
2856fd01fd3cbf247af5a144c7fe3101aa736f03f969b8c3a28114ab86a2c350
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a282f20f977d4b93f4600c886b7a894eb310a017be4a1c729b4c313993b1c3a
2ad1e7c7c3798df3e7f40051b14bef4cc986dd8bfb9cc164f3c13276ee284fc7
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ddf78616045a229cd5f4b5039b748f07ab4a549f0ec0da4603d430c58e7f6bc
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
32360e3c4b24b30e30f433ee6ae3c9855e028b5ca3723579f64da09c7714a68f
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38efc54eb97b294bf9f710239d5922ba7854186c13d9d39571e972fc5e6bc834
3adfb6900afd57b4d5626a4ea7619629dfcd57734ce9481debaf7555c97bde07
3b49ae570e5156432e6d8cb4d85fa6a760118fc3231544745837680ca13c8dc5
3e124e0c85932a70f7c3de5813789f23b47c1e029c84ce046dbbfa05b49ef46f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec6f2043344702a66d4407b13c4e513ae49a41f02b7aa332b1d38468e896843
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404f42ae279dcffa3ef65f687d411673a95cce468e6c549e7074ed3da19d6fed
406b4457b753e6582999535eb520f2e7994a3dacab6b1650fe4c99010f46597a
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
42e4a17bf23eb75c1ff0f5483f9e75e9218dbe95493507d18e4490c4528bf4b3
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
44ee0d1f2056c9f93ef5d764d71054516ff7be993bdba3c87ed4ad58e6365153
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
45fe03612b8b6aeffdf8add339418381176e660f01684b1abf6b742871b5fcc2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511f66a6f6bdeb8820fc0bae3f192fdae260cebd0891d040c987efd99ef61614
513660a98d5661850bc8aaffa04a3234ea92b817c7b4082ce11421808d8f1cb0
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
56b0eb52eba4ded7bc6772d855d0f25f19eb0ba9735bc21ea8c68a66db159976
578061f0b58ba4782b67f7ea748aa8e0e8f36c35e4b7d05601751462579502d2
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
5c3cce8b8b874c74b9689d26608f7ca173bbf1982a809be6ee9670ebb9c38824
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d83682d408b8a5341dccb1e99215ef987833d80b13f28c2e19b91e1c4ea3df3
5e65d25932a866d804988826780a17df320341cad0ebc8d3343dcc377d898ae2
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
61a8c08051254353c1d63a917d8726bf4ec00b058c8c788dbb24dd98005dd59b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
67ff08c7f2e19a6f5b50c207840f7ff67a9dd07c248e754566df824f95d5fcae
6931d085849524d8192d6e42936113cabde1c5a238a0f2fd7a5df65236fe9b54
6b097c625dd5f10b0e4a4fe8c714e7ed4922039bafeaa8414e95dd310b5296de
6dca8f22b67d4249d434fc54ff8b73fa101103d1c10d88ab2a78be82ec8536ff
733945c853d6aaae24fabdf3f5642912bc623f787f65c6ef45269b95d51669aa
748dbfe2db71572c8630493771ecef6bf281f6d536e9eecbff8bc36a11d1286e
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
7f6405da484a5faee7b9844a2abc336caf99a61ceef031b46e6903610937351e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e3b9daf0228054a56817e726a0658f7c19756234abaa5a0b97ea8a277ae20
84b8e1438b8f489d081d2996d1eaf17818e009e6b93c95a70460b1a476bf4611
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86231dfad56fd7beb3a0640b4bf4ade8310458c8b3d58252ce9a0fcf20cc9578
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
88d92542e5ecd41c5fdefc7a0ea66b7123693b0bdfa3d903d8269b48a2c42f72
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8defc86783fa4e9cbd954bfb8ad2c14583cc5b4cb271b6616a16c7a7491c79ba
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8e8a8560be6ba78a0df4dfd2ea70ad822ff4c77a0a5100a706100c6d856a86da
8f6674f9a2dcdaae3d615af0f9617b573b7beddb88ee24a07df938d3e5eb28cc
8fb6a3fed795d18c97e59795ac6fe8f7d4ad804e2844b9129d562d94b06f04fe
90bd908b0d915e9369a08ed7b18020df49c544c7e254e7284672b5032bad0591
949c6914915173257f9c5577d309cba426b296bdda5a2be2c4341e1cb961ff8a
94b12a097338de3246f688d75309a4b200d48e26df4ab22483911bef2032f81e
966c5f1ce6b98f3b182f5adc3235818c2da9a42ff45e59af74a31ec52734c90a
98c5ae7bea678283d52343d3edb6a3a1a1973140e7cf788c675dee7d8f765aa6
990361213a788f276de016ed7f9f42e96c2a4d91bb97bb59acf026ea9cbf4d56
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
9e0418788b8f67e1013ab645fbdf2546c1c423ca563d9cc0dbf5e080feea4761
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
9f9055f144830dc9e6fb5c5f8a1dfe9f193196bd3370a9acba102200d9a7f3e9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e42642ecd44ab01fde95f4b9af933cb31292f53f821d678d8342156a1f5d8a
a3e8d29300a41ec048a958bbf536d66943e80bb75453389e8b38a2df85d189b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d6b8573820a1dfaadabd529ebaac42e088fb74bd0ed4f4eea3701d1a7ceb9f
a5888b4c8d8ab024d27ca9f6ada80aab83740f90fa70ce16c163b586a1da6fb2
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82c0a139a5f702d6487500b4c076d9971df1fc465307c81af7a1e2059cd6c0c
a8b6a484da0de071b913f546b352898895311833f876aa13734c0ed1d22371ae
a9b621f415957783fc1b0594efd18ac4940d034e26c9352a775e45a30b08d78f
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad4958ed3cb815e2b8b1ff4ae13807cb6c4780403d1c79fd94b2ca56005fbefb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b07a6b6e227ca370462d8114ab23ffadea742bb4c18501f3144bee0b50793886
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b172170d3693be36ef9e26b114b5d832025ec166f82d6cbc35503ed7a95540c7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b
bb07e9e5639b5445c77e099a1f37571940ada0fb74d1ebaf4096b5c57483b109
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
bd5b0a4ed2a0791f5cc9eb666cf575c6153491ff522e965910e364fde80f8ab0
be6d864177eb46e5f65d3d86c1bbe9e9fbb189a47fcb380a9b76baf1e09bdffa
bea7b487fff4ed5887e53d5ff146cfb342dc144025338e77a92d4105906ea3a2
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
c056864708cb8181e365c3cd4226edba934923d5a1169ba17720837baca0a267
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1b2f3980ef5f158b25dc3ec7bb266737b9321efe8cc18fdac73623f0c656afe
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
c90488a2522bc6ece3758e0a56c788894b50daa67f50d64eeb76315e85ef0d28
cbcb7c952861979daaa0566adb07600f78de797136649fd6a4663da7dc2c1e25
cbef1373bb473c63473d1f582fa31c4ee5d03a9bef057091e74877c814c7089a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0fb9d85f3a15dde211d1cd1f4104b482d961af829dbe756bc9493a166942e10
d0fc07f6eab24b2cb3d3428a8284159524909c8741a8ced0d24e9de23e78d3a1
d1ccfa5f9dd6abf3666f87852807901abe7e1fd2b63c8e3bc4e12d9d48fe0439
d30fef5abee1aa73c4347303f5bf0f0483c70adba058240f8dbee3a16aa53c10
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da36aad67b63ab86318e2f2afe08baebdefa6767b7b7337d7cf86399915217f7
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd292048cc9b293927a7e04df5028ed692f97e3dc5d664a1e979083fb63ee3ca
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
e0862513e7c847a6487e4ff4a2a0d1feb58e0a36a5f672ea5b21cf3631cfc27c
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3970967ddb7c833ecc807ef6c36c738ec3d2ad1a8acb2a4f020ad7ac4d9fe89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4547790d6859e087d6d5ca6e23733c88b699374ec77f503de0f1819e50a971f
e66594d52f39cfa57b072f7054cc3cfbb1c53af8979d8b3885c90236b489896d
e6733c9c2e5a3b02f9a30a80822e46bf05ead43eb696a95b711f0f445e57b266
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
eecfcca8b3ddd49a6952aead630573434f31185cf4cefc25b959ce7a709a6144
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef447194c4f88706e59e91d4dd03aa925cd6f5d30ae87b863c8fe282153c2fbc
ef83975282d2e87c8806a58221b6408800642fd5cafaaa16f0fb1539c9649ef4
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f22e58c109f7df8402516d01d9280e8aa35f421b99140ee07b944290458cf604
f2af272519bbb10f3df032cdabc2b7e50d6f1c1c2f6f10e38dbbcaefe6b8d134
f46f045bf8e5f684df6f39d485fa5d38195a4ca2cafeb13079eccecb95f9c70a
f4e9f3f764143f70d69af4f0846ba4666fbfd4934b64ab1c7cfbcc47e5e10c9d
f58089bd78c9c0bec016b4f773e16b083c2bd6b23e1241df58c6aedeff3410ed
f6328097b88e89b824f66b7327ac9625e7fdb720231b031c89171303dd5c2fff
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
f818d37ba66a957b10e4f3dd7c5c9189ceaa99937475de3d7e97614b6962e4fa
f846924cbc653b38c5c49593ed92ecb1a7f970260d0555e118abad34a9d7baa6
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
fafccde9bd3adf87fed817163ec5b848c76140e954290078c593b89b637b2c46
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71
fdbd23c52fb995fe9d664142f6352b24847b7c0afb3ab4fc17719e7584e66920
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914