URL: https://hilight.kapook.com/view/218540
Submission: On November 19 via manual from TH — Scanned from DE

Summary

This website contacted 80 IPs in 14 countries across 60 domains to perform 411 HTTP transactions. The main IP is 202.183.165.36, located in Bangkok, Thailand and belongs to CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH. The main domain is hilight.kapook.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 16th 2020. Valid for: 2 years.
This is the only time hilight.kapook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
*.kapook.com | Sectigo RSA Domain Validation Secure Server CA | 2020-07-16 - 2022-10-18 | 2 years
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
cdn.thelead.tech | R3 | 2021-09-26 - 2021-12-25 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-25 - 2022-10-24 | a year
*.mainroll.com | Amazon | 2021-08-26 - 2022-09-24 | a year
*.pubmatic.com | DigiCert SHA2 Secure Server CA | 2021-03-30 - 2022-04-04 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-08-28 - 2021-11-26 | 3 months
*.dmcdn.net | ZeroSSL RSA Domain Secure Site CA | 2021-11-10 - 2022-02-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
lvs.truehits.in.th | Sectigo RSA Domain Validation Secure Server CA | 2021-09-15 - 2022-10-14 | a year
*.bluebillywig.com | Amazon | 2021-05-10 - 2022-06-08 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-09-09 - 2021-12-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
th.giraff.io | R3 | 2021-09-24 - 2021-12-23 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.vk.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-06-09 - 2022-06-10 | 2 years
*.ok.ru | GeoTrust RSA CA 2018 | 2021-02-18 - 2022-03-21 | a year
*.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.innity.net | DigiCert SHA2 Secure Server CA | 2021-05-12 - 2022-05-17 | a year
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
www.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
ads.adnuntius.delivery | R3 | 2021-11-09 - 2022-02-07 | 3 months
*.dm-event.net | ZeroSSL RSA Domain Secure Site CA | 2021-10-15 - 2022-01-13 | 3 months
api.pxl.dailymotion.com | ZeroSSL RSA Domain Secure Site CA | 2021-10-30 - 2022-01-28 | 3 months
*.innity.com | Sectigo RSA Domain Validation Secure Server CA | 2020-11-11 - 2021-12-12 | a year
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google.co.uk | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
track.adform.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-06 - 2022-10-07 | a year
*.match.prod.bidr.io | Amazon | 2021-02-26 - 2022-03-27 | a year
*.simpli.fi | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-27 - 2022-11-27 | a year
*.pbp.bf2.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-11-03 - 2022-02-02 | 3 months
*.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2021-08-10 - 2022-09-11 | a year
giraff.io | R3 | 2021-10-18 - 2022-01-16 | 3 months
uuidksinc.net | R3 | 2021-10-16 - 2022-01-14 | 3 months
*.adriver.ru | RapidSSL RSA CA 2018 | 2020-04-03 - 2022-04-24 | 2 years
stat.media | R3 | 2021-10-08 - 2022-01-06 | 3 months
connect.thelead.tech | R3 | 2021-09-26 - 2021-12-25 | 3 months
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-04-01 - 2022-04-04 | a year
*.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
tls.adobe.com | DigiCert SHA2 Secure Server CA | 2020-06-01 - 2022-06-06 | 2 years
*.id5-sync.com | R3 | 2021-10-05 - 2022-01-03 | 3 months
*.crwdcntrl.net | Go Daddy Secure Certificate Authority - G2 | 2021-04-29 - 2022-05-31 | a year

This page contains 47 frames:

Primary Page: https://hilight.kapook.com/view/218540
Frame ID: CBBD0766E94B9D6E2DE7E48B5A28245D
Requests: 176 HTTP requests in this frame

Page Title

บริษัทประกันภัย แจงปม เบนซชนจักรยานยนต์ สาว 21 เสียชีวิต ชี้เป็นประมาทร่วม

Page Statistics

Requests: 411
HTTPS: 93 %
IPv6: 37 %
Domains: 60
Subdomains: 112
IPs: 80
Countries: 14
Transfer: 5424 kB
Size: 12660 kB
Cookies: 102

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 56
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=poVUHnw1UXJ0c2FvWkx2UjdGS2xkL0dsR3pTRE9Zb0plMXMxZzJzbnpPTlhIZTU5N05aa3lUNDZicW1lSUtyNWpmZCtBRFd4MWY1aDllK2J5WFdONFFGaE5KZmZkMmtNL0tYK0pRbkltM2xBS1IrMlA1Q25TaUNkZjVVMERiTGNIRVUrYmRvbmI4eXN0SThLNWZkckhaSjYxUnh0TnZmM3lxK1dOeTVRSVl6VDFpeVQ4RkVTdU5kRDIwTDdFbGw4SkJYUHFiU3lGQit3aFBoTElpYklkRTEwL1lQOG9XQXVwY09OeEt2bkF0aE4yRDY2dWRIQTlKdXR5bzM2bzFtWEZuZ0hRfA&cppv=2
Request Chain 132
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759
Request Chain 133
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7718769723744663221
Request Chain 135
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7032132301425997964
Request Chain 136
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YZcnEgAFnq6JKABR HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZcnEgAFnq6JKABR&gdpr=0&gdpr_consent=&_test=YZcnEgAFnq6JKABR
Request Chain 137
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCYXpVN0RMazRBQUN0SUptTVN5Zw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vicW9zCuQ5m8LxaUUmZnWQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vicW9zCuQ5m8LxaUUmZnWQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 139
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9abc6197-2712-4400-bcfc-37bf5b4501dc
Request Chain 140
  • https://pixel.onaudience.com/?partner=214&mapped=BE2716F7-30AE-4399-BC2F-169452666759 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0ebbabc8f069676fe2a9e60ff3fc0e78
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkUyNzE2RjctMzBBRS00Mzk5LUJDMkYtMTY5NDUyNjY2NzU5&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkUyNzE2RjctMzBBRS00Mzk5LUJDMkYtMTY5NDUyNjY2NzU5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPVqgjKbK0cRBBlRnS_TFB0&google_cver=1
Request Chain 144
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:72346197-2712-4b00-98b9-5c699e4a7ee9&gdpr=0&gdpr_consent=
Request Chain 145
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1656506002516051173
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa333b71-86fe-4481-b0c9-a823e9599e2c
Request Chain 147
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2420107947521994681&gdpr=0&gdpr_consent=
Request Chain 149
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE2716F7-30AE-4399-BC2F-169452666759&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE2716F7-30AE-4399-BC2F-169452666759&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M4WMVARE2uVB..CGogfpxxaEu6We6Jo-~A&gdpr=0&gdpr_consent=
Request Chain 150
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc
Request Chain 151
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559721635898175&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e1b4037d-54e8-471d-8d01-a5d017ab0847&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 153
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4284361552413621268&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 154
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 155
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:382689f1-fcd7-47d5-bb96-5a075f819b08&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 255
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZcnEgAFnq6JKABR
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9A15iAdT6halFnIlMGvNA&google_cver=1
Request Chain 259
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW5VP6KR-J-E67I&sigv=1&esig=2~1cdc680ad2292178a5fca57fa02e34b65576ca4b
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DxrlCbrLa8qKQ8CQBXWf-w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8109887745374731003
Request Chain 261
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c1VlA2S1ItSi1FNjdJ
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=72346197-2712-4b00-98b9-5c699e4a7ee9&expires=28
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1&C=1
Request Chain 309
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZcnE94H3Za5DeInNSGw3gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHmdE0BfzW_e3olcoS71UDU&google_cver=1
Request Chain 311
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyMDEwNzk0NzUyMTk5NDY4MQ%3D%3D
Request Chain 345
  • https://gcdn.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8FC4B6D41426E6D295255C207826568A8BE46955.93D562C28B339B4AC69363F81ABC5FA4F17CAE59/key/ck2/file/file.webm HTTP 302
  • https://r4---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05408C22614F3502D9639F4F47C6C1BA24492965.257501AF7D72182711A7AD1CEC44DC2E3AEB9700/key/cms1/cms_redirect/yes/mh/rZ/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1637294885/mv/u/mvi/4/pl/48/file/file.webm

411 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request 218540
hilight.kapook.com/view/
59 KB
17 KB
Document
General
Full URL
https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
42b8ae3f5d6f11558511d533082c60d4b4611a7d82c9116e54d0ecfbdb289541

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty/1.13.6.2
date
Fri, 19 Nov 2021 04:24:23 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
kp-cache-status
EXPIRED
kp-device
desktop
content-encoding
gzip
fontface.css
my.kapook.com/fonts/kittithada_roman/
387 B
587 B
Stylesheet
General
Full URL
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-183"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
fontface.css
my.kapook.com/fonts/chatthai/
321 B
563 B
Stylesheet
General
Full URL
https://my.kapook.com/fonts/chatthai/fontface.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d5dcfee16ba22d42e6380d13c07202e0372fab39e9b71b256cdbbcb818ed96c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-141"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
css
fonts.googleapis.com/
1 KB
946 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Kanit:700
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ff4ad5f791e76df0cdc0b00c109ef3e2cc952982be33a56cf2a1bb73fa8a229
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 04:24:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Nov 2021 04:24:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Nov 2021 04:24:48 GMT
theme.css
my.kapook.com/css/portal/
10 KB
3 KB
Stylesheet
General
Full URL
https://my.kapook.com/css/portal/theme.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
990361213a788f276de016ed7f9f42e96c2a4d91bb97bb59acf026ea9cbf4d56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Tue, 06 Apr 2021 08:34:59 GMT
etag
W/"606c1d33-2909"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
main.css
my.kapook.com/signin_2017/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://my.kapook.com/signin_2017/css/main.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
303b701d48a7993b4176e72cf7e6f990959046b802acf41d0682d7344a40f4a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
W/"5c493593-116b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
jquery-1.9.1.min.js
my.kapook.com/jquery/
90 KB
91 KB
Script
General
Full URL
https://my.kapook.com/jquery/jquery-1.9.1.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-169d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
92629
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
content_template2017.css
my.kapook.com/css-template2017/
14 KB
4 KB
Stylesheet
General
Full URL
https://my.kapook.com/css-template2017/content_template2017.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
07d5f877fd8af54f4fb1e1a562af64fdeba316d4b6e69a6d1aa6412c085f61da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 03:48:52 GMT
etag
W/"606e7d24-38a6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
lead-latest.js
cdn.thelead.tech/lead/
10 KB
10 KB
Script
General
Full URL
https://cdn.thelead.tech/lead/lead-latest.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
0c70dea7f7ae178cc658f383f959806d1c2476ffaaadc90e591a5a542746e306
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Tue, 08 Jun 2021 09:22:42 GMT
etag
"60bf36e2-28da"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
must-revalidate, max-age=3600
accept-ranges
bytes
content-length
10458
widget-v2_kapookcom.js
code.th.giraff.io/data/
165 KB
38 KB
Script
General
Full URL
https://code.th.giraff.io/data/widget-v2_kapookcom.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d0638858ecf35cf9f8b25ea9875ae31051eb9c78c48317a5ee57de5ba5f798

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 10:58:57 GMT
server
cloudflare
age
40
etag
W/"619631f1-295e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6b06abcb9c464e67-FRA
expires
Fri, 19 Nov 2021 04:25:09 GMT
logo-kapook.png
my.kapook.com/img-portal/
29 KB
29 KB
Image
General
Full URL
https://my.kapook.com/img-portal/logo-kapook.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
18c32489ad4b5869d199970a70ada9cae17a82d7588f9f6145289cfe0087433f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7206"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
twitter.svg
my.kapook.com/review/svg/
1 KB
1 KB
Image
General
Full URL
https://my.kapook.com/review/svg/twitter.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
632f5cd08bf1e4b618918edafe034f3ce838afe3b8a010b8fd26b08e79e50599
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-43d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1085
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
facebook.svg
my.kapook.com/review/svg/
492 B
873 B
Image
General
Full URL
https://my.kapook.com/review/svg/facebook.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
078485c2ef3f95d9c63732cb9445ba6814ee1b9f2cb6a2f9eaebc85a59227b3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-1ec"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
492
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
kapook_outstream_live.js
pubmatic.mainroll.com/a/
126 KB
23 KB
Script
General
Full URL
https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-52.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
08f48429b130365be6ae4966880ebecaaf32bc11d8b9e2f1c6495dd92936d5e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:15 GMT
Content-Encoding
gzip
Age
33
X-Cache
Hit from cloudfront
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-ovp-host
vms-prod-frontend-spot-10-1-17-87
Access-Control-Allow-Origin
*
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Cache-Control
public,max-age=90
X-Amz-Cf-Pop
FRA50-C1
Content-Length
22420
X-Amz-Cf-Id
A51AGdY9N49RFGM4vaKiXrhaa4iEKEAL5Mcv1wMxpQNM2ZQoJiNP8Q==
Expires
Fri, 19 Nov 2021 04:25:45 GMT
footer2018.css
my.kapook.com/css/portal/
5 KB
2 KB
Stylesheet
General
Full URL
https://my.kapook.com/css/portal/footer2018.css
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ad4958ed3cb815e2b8b1ff4ae13807cb6c4780403d1c79fd94b2ca56005fbefb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 08:20:20 GMT
etag
W/"61790bc4-15ef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:48 GMT
ic-sv-01.png
my.kapook.com/img-services/
3 KB
3 KB
Image
General
Full URL
https://my.kapook.com/img-services/ic-sv-01.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eb00caeeb5864d2c296487be10f4254f93fb6b66653755703eedbeb3a75b12e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-b5a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
ic-sv-02.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/ic-sv-02.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
261bb00bef911c5669e21d2eb97c372fa56ac5b0fd511886d7365980168e9481
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-954"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
ic-sv-03.png
my.kapook.com/img-services/
2 KB
3 KB
Image
General
Full URL
https://my.kapook.com/img-services/ic-sv-03.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b5a3530e4b2177e1c71bbe14b92236b2fc7d1c8799108057e64890d936e431b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-988"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
ic-sv-04.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/ic-sv-04.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
54822c5709873bcf9afc8091b8441dee5f4acc246672adc5c720899a6fc21f32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-8e8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icon-dailymotion.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/icon-dailymotion.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
41f5f41fae57894923b9c02c9b5d619b8492bb1e4ab823a00cfd7dea2e70232c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 04:45:21 GMT
etag
W/"5cdb9961-7be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icon-fb.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/icon-fb.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8819b0d3268b13f643a92860ff6db03177c44398768eddae4c7572187dfcd480
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6f6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icon-tw.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/icon-tw.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
59ce937613311d1ed6f8b028b62172ac1090a451188e0dfcb48d00e65152a5ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-7c7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icon-yt.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/icon-yt.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9c45c6581f154b44f31a426c185f9e63eca4a3bece818d4538e32eb6ad45078b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-6bb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icon-ig.png
my.kapook.com/img-services/
2 KB
2 KB
Image
General
Full URL
https://my.kapook.com/img-services/icon-ig.png
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8f28263933a84466cc21cbf27d39d2aab3db9a6e447d0a9c07d56f75e568c5a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-84e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
app-store.jpg
www.kapook.com/assets_2017/images/
2 KB
2 KB
Image
General
Full URL
https://www.kapook.com/assets_2017/images/app-store.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
eda51ab7248feccf81e351757e504a158c1dd25a63c58304eb8111829ab438a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"8fe-5a1a8e5e15276"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
2302
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
google-play.jpg
www.kapook.com/assets_2017/images/
2 KB
2 KB
Image
General
Full URL
https://www.kapook.com/assets_2017/images/google-play.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
613d3c9b1ae664647fc29af09983332254942b09d13dbc83eb8918e70843c639
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Wed, 25 Mar 2020 07:34:26 GMT
etag
"7cf-5a1a8e5e27b57"
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
1999
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
swiper.min.js
my.kapook.com/portal_view/js/
94 KB
95 KB
Script
General
Full URL
https://my.kapook.com/portal_view/js/swiper.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-178a3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
96419
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
galleryPlugin-loadmore.js
my.kapook.com/portal_view/js/
17 KB
17 KB
Script
General
Full URL
https://my.kapook.com/portal_view/js/galleryPlugin-loadmore.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2257a1847773bc2f2273720e446fb019b71e6c4b2410ab2ff8c2961b7c538a0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 19 Sep 2019 11:25:04 GMT
etag
"5d836590-43a9"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
17321
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
head.load.min.js
my.kapook.com/jquery/
4 KB
5 KB
Script
General
Full URL
https://my.kapook.com/jquery/head.load.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
4a642da827ad3fb5b4bd419082f0b6da9e60654433368a9d3cb829058ba19f28
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-11fa"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4602
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
jquery.easing.1.3.js
my.kapook.com/js_emocomment/
8 KB
8 KB
Script
General
Full URL
https://my.kapook.com/js_emocomment/jquery.easing.1.3.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-1fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8097
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
jquery.worldjwplayer.js
my.kapook.com/jquery/
4 KB
4 KB
Script
General
Full URL
https://my.kapook.com/jquery/jquery.worldjwplayer.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bf42d056ce8cf3ccacfcfcd4319b5f5d96a9bd63b60a2d0899f30cc209bf60b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-fa1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
4001
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
oembed.js
my.kapook.com/jquery/
2 KB
2 KB
Script
General
Full URL
https://my.kapook.com/jquery/oembed.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
44b1dfba3096651cfa5bf09eabf8e6ae420490fce25bfb4dcf8a46101549f9d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-841"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2113
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
run_oembed.js
my.kapook.com/jquery/
1 KB
2 KB
Script
General
Full URL
https://my.kapook.com/jquery/run_oembed.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1869a799ad8fcb8ed4f7ca265940db5656e2d369376e6a7c8ba2d0b041fedd79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-507"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1287
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Server
2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:10:26 GMT
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-encoding
br
content-length
4843

Redirect headers

date
Fri, 19 Nov 2021 04:24:49 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
ldc
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
0
dmp.js
my.kapook.com/js_tag/
1 KB
1 KB
Script
General
Full URL
https://my.kapook.com/js_tag/dmp.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7b725ae865db1ff6a60a6dc326de6c6689138e473de067d5309b8562ed8addc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-466"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1126
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
tag.js
my.kapook.com/jquery/
2 KB
3 KB
Script
General
Full URL
https://my.kapook.com/jquery/tag.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
38efc54eb97b294bf9f710239d5922ba7854186c13d9d39571e972fc5e6bc834
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Wed, 17 Nov 2021 04:45:52 GMT
etag
"61948900-8b3"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
2227
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
intersection-observer.js
cdn.jsdelivr.net/npm/intersection-observer@0.7.0/
22 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/intersection-observer@0.7.0/intersection-observer.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc6d2d43514d1d8956877d1f2ef347cd5abdb8ecf8e47aba59d87b8a6da49bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2101076
x-jsd-version
0.7.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19132-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"57ad-m3EaUx6495LHE8zS0+QpFP8kqM0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b06abcb7dad5b3e-FRA
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/
6 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.4.0/dist/lazyload.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be502b9446e16b338d36ccadac232f4a68ab74655f98fec415ccdbbccbf5729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2101072
x-jsd-version
12.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19142-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1926-ftj+zhhSvu4E/RMH3S02cxSkfWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6b06abcb7daf5b3e-FRA
lazysizes.min.js
www.kapook.com/js/
7 KB
3 KB
Script
General
Full URL
https://www.kapook.com/js/lazysizes.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Wed, 25 Mar 2020 07:45:44 GMT
etag
"1b91-5a1a90e454b08-gzip"
content-type
application/javascript
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3307
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156743/740/
327 KB
100 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f58089bd78c9c0bec016b4f773e16b083c2bd6b23e1241df58c6aedeff3410ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 07:51:06 GMT
server
Apache/2.2.15 (CentOS)
etag
"fe0ad3-51cfc-5ceafec82592e"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=157042
accept-ranges
bytes
content-type
text/javascript
content-length
101313
expires
Sun, 21 Nov 2021 00:02:11 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
pItaAt+fmCmljxilDwFv1NcXjsMfeHlYtQXdqu/rR6oxM9ld+l0df7jFgNgwMjToUWQ7+y67KHJl+ClooRmknA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 19 Nov 2021 04:24:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
client.min.js
api.dmcdn.net/pxl/cpe/
1 KB
1 KB
Script
General
Full URL
https://api.dmcdn.net/pxl/cpe/client.min.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f901876b0b270e9dec25e18a5b19e44b9a9a207a7eff6d560f7c9e96e117bd2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
age
66952
server-timing
total;dur=17, dc;desc="dc3"
x-amz-request-id
CTV0NH46YS2EW7F2
x-amz-id-2
ErrqQ+/ZeU5gpkUJh2Q9q+Pq0P3qE7ISv1rXaIZAjkaOBvMHc1ZifsznxQQUYegTkuODw3Sx/hM=
last-modified
Tue, 16 Nov 2021 14:22:24 GMT
server
DMS/1.0.42
etag
"b25378b76c8a5345d2ba7bd132594478"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
737
timing-allow-origin
*
x-llid
d1ba0c951353ca8b282d31fef8cef1aa
expires
Fri, 19 Nov 2021 09:48:57 GMT
sdk.js
connect.facebook.net/th_TH/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/th_TH/sdk.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d1910a80fa9c415785ff71dd76a7826887136063b70ecf1b3c9e279b53d6da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vLBfz8oxPralicTaWCSjGA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
ucFijkL2mai73WrwfWK7JgjrTKAB929q8ozWnX4MB8eGiXuUnPV9wn/Te/FQQUarMXI8GpzHPsBxSjvS+fJspg==
x-fb-trip-id
686109401
x-fb-content-md5
a3b385a4ff70d7137749b79254a97296
x-frame-options
DENY
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5ee6a8de5cc49ed520efc184a3255d41"
timing-allow-origin
*
expires
Fri, 19 Nov 2021 04:43:59 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2986
date
Fri, 19 Nov 2021 03:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 19 Nov 2021 05:35:03 GMT
arrow-down.svg
my.kapook.com/portal_config_desktop/header/svg/
213 B
594 B
Image
General
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/arrow-down.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
6501f17d0120035bb709b4bb2e848af8bf31f4b9ec55834387015602daadb02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-d5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
213
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
kit55p-webfont.woff2
my.kapook.com/fonts/kittithada_roman/
20 KB
21 KB
Font
General
Full URL
https://my.kapook.com/fonts/kittithada_roman/kit55p-webfont.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/kittithada_roman/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1d2a8c794add60a46cd6b6baccd0f696f532a5890f4ae056e77ea862782f3cd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-5160"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
20832
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
CSChatThaiUI.woff2
my.kapook.com/fonts/chatthai/
16 KB
16 KB
Font
General
Full URL
https://my.kapook.com/fonts/chatthai/CSChatThaiUI.woff2
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/fonts/chatthai/fontface.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
7c56eaccdfaf45898b493d44f6063c20f365137a89bc2a883f2b7a53a3f5ea2d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/fonts/chatthai/fontface.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
"5c492fea-3fb4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
16308
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
a0000034.js
lvs.truehits.in.th/dataa/
9 KB
9 KB
Script
General
Full URL
https://lvs.truehits.in.th/dataa/a0000034.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.151.144.224 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
224.144.151.203.sta.inet.co.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cfcb7b75a5b1b0c3d9f5b29f93355561913f75d826274412810b0e9db55cb7ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 18 Nov 2021 07:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
cache-control
max-age=604800
content-type
application/x-javascript
content-length
9086
expires
Fri, 26 Nov 2021 4:24:49 GMT
player.js
cdn.bluebillywig.com/apps/player/20211115.130354/
2 MB
329 KB
Script
General
Full URL
https://cdn.bluebillywig.com/apps/player/20211115.130354/player.js
Requested by
Host: pubmatic.mainroll.com
URL: https://pubmatic.mainroll.com/a/kapook_outstream_live.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c33a4a602c0a5bd19311d720325fbc3cdc25c66f0d8b36ef74f24eb6cff11c25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 03:56:03 GMT
content-encoding
gzip
age
1727
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
access-control-allow-origin
*
last-modified
Mon, 15 Nov 2021 13:04:58 GMT
server
AmazonS3
etag
W/"5df4b0c963b168748f4f4dbabe5f7b4c"
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
HFHqXcXJ6T7r1uIhIuPRJQF6yuI4CTlKDxRSF0Et5hM5l9oXOsGlwQ==
ico-hilight.svg
my.kapook.com/svg-portal/
16 KB
16 KB
Image
General
Full URL
https://my.kapook.com/svg-portal/ico-hilight.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
47fd2d89da6d57a193dcdfde77680f8b0511740db8df42efe176f7683e835e8b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Wed, 08 May 2019 06:43:54 GMT
etag
"5cd27aaa-3e2c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
15916
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
circle-list.png
my.kapook.com/img-services/
989 B
1 KB
Image
General
Full URL
https://my.kapook.com/img-services/circle-list.png
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/footer2018.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a67b319836d86d61b5073a465f042bc9d0583ee4705bde230cf7e542c0ac8a38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/footer2018.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:44:39 GMT
etag
W/"5c4934a7-3dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
icomoon.woff
my.kapook.com/fonts/
4 KB
4 KB
Font
General
Full URL
https://my.kapook.com/fonts/icomoon.woff?-3adk29
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e0fe3cf3f4b694a7bc4bb1b11462e00a89eebf156fdb9436f7f01c38fea73e26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://my.kapook.com/css/portal/theme.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-11d4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://hilight.kapook.com
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
sdk.js
connect.facebook.net/th_TH/
291 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/th_TH/sdk.js?hash=19f49740d5e9778e64764d7cce61b3fc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00086bf343de593bb06048dcad34e5a1d13847bb3e2f06a5394053fbe06e2a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hilight.kapook.com/
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cXQWea0Sb0AFk8uTjir33Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
84407
x-fb-rlafr
0
x-fb-debug
iCycmQt2PWtX6cWPDNYh9Ge3+LbaXm/BhmgVW/RiRWre+UmW23NtGcJQaxOOf7BQD+jDfdgJPnxuwbaH6r9ryg==
x-fb-trip-id
686109401
x-fb-content-md5
f3a7950b5921ce9b47f7444c7571a4eb
x-frame-options
DENY
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1a4d0587cb82a9062f912c8b3a79476e"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 19 Nov 2022 04:24:00 GMT
162488171107136
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/162488171107136?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e6733c9c2e5a3b02f9a30a80822e46bf05ead43eb696a95b711f0f445e57b266
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88928
x-xss-protection
0
pragma
public
x-fb-debug
eIEoFpJRUImzZknooOW757JETChE97kxjAzxWvLcJgzv8KwFnkxGUcme9+va+5UIIZMuR9GxSaEzOLBAQ8IJvA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 19 Nov 2021 04:24:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
advert.gif
code.th.giraff.io/data/
34 B
248 B
Image
General
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
cf-cache-status
HIT
age
1
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="advert.webp"
content-length
34
last-modified
Thu, 21 Oct 2021 12:25:13 GMT
server
cloudflare
etag
"61715c29-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 19 Nov 2021 04:25:48 GMT
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6b06abcbec874e67-FRA
cf-bgj
imgq:85,h2pri
js
www.google-analytics.com/gtm/
87 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TTM3PW3&cid=628602502.1637295889
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f551c1bc340a4c7d04aeb9401c8120959c8e5e674fe53cfc1ecb7e43cf00902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34898
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Nov 2021 04:24:49 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://hilight.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1598
date
Fri, 19 Nov 2021 04:24:48 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhilight.kapook.com%2F&domain=hilight.kapook.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=poVUHnw1UXJ0c2FvWkx2UjdGS2xkL0dsR3pTRE9Zb0plMXMxZzJzbnpPTlhIZTU5N05aa3lUNDZicW1lSUtyNWpmZCtBRFd4MWY1aDllK2J5WFdONFFGaE5KZmZkMmtNL0tYK0pRbkltM2xBS1IrMlA1Q25TaUNkZjVVME...
355 B
611 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=poVUHnw1UXJ0c2FvWkx2UjdGS2xkL0dsR3pTRE9Zb0plMXMxZzJzbnpPTlhIZTU5N05aa3lUNDZicW1lSUtyNWpmZCtBRFd4MWY1aDllK2J5WFdONFFGaE5KZmZkMmtNL0tYK0pRbkltM2xBS1IrMlA1Q25TaUNkZjVVMERiTGNIRVUrYmRvbmI4eXN0SThLNWZkckhaSjYxUnh0TnZmM3lxK1dOeTVRSVl6VDFpeVQ4RkVTdU5kRDIwTDdFbGw4SkJYUHFiU3lGQit3aFBoTElpYklkRTEwL1lQOG9XQXVwY09OeEt2bkF0aE4yRDY2dWRIQTlKdXR5bzM2bzFtWEZuZ0hRfA&cppv=2
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5662ae17afa4eae1c6bab0464e39ae66a43cd7d679a153ecfeacd983d88de975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3451
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 19 Nov 2021 04:24:48 GMT
location
https://mug.criteo.com/sid?cpp=poVUHnw1UXJ0c2FvWkx2UjdGS2xkL0dsR3pTRE9Zb0plMXMxZzJzbnpPTlhIZTU5N05aa3lUNDZicW1lSUtyNWpmZCtBRFd4MWY1aDllK2J5WFdONFFGaE5KZmZkMmtNL0tYK0pRbkltM2xBS1IrMlA1Q25TaUNkZjVVMERiTGNIRVUrYmRvbmI4eXN0SThLNWZkckhaSjYxUnh0TnZmM3lxK1dOeTVRSVl6VDFpeVQ4RkVTdU5kRDIwTDdFbGw4SkJYUHFiU3lGQit3aFBoTElpYklkRTEwL1lQOG9XQXVwY09OeEt2bkF0aE4yRDY2dWRIQTlKdXR5bzM2bzFtWEZuZ0hRfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1925
content-length
509
expires
0
gpt.js
www.googletagservices.com/tag/js/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
617f957bbfb2c3afadf6114f8a2a161113d66e1362d30837d440a2e321abb327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 963 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26825
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:49 GMT
v2_kapookcom.js
data.th.giraff.io/track/
78 B
349 B
Script
General
Full URL
https://data.th.giraff.io/track/v2_kapookcom.js?r=&u=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&rand=0.5388481625657948&v=1_105_0&vis=1&callback=cbGeo271249508&sp=h
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
bd98b15ef22d320582f5b55b0a63a0ea2b676d7a873a0e3ad0ae62acf3169c88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=162488171107136&ev=PageView&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&rl=&if=false&ts=1637295889323&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637295889322.148445921&it=1637295889259&coo=false&rqm=GET
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 19 Nov 2021 04:24:49 GMT
ima3.js
s0.2mdn.net/instream/html5/
368 KB
123 KB
Script
General
Full URL
https://s0.2mdn.net/instream/html5/ima3.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20211115.130354/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ccb64cb52eff9e8c10713a938a73ec2461b8b1e71acef86c52cd7242c3b0090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 04:24:49 GMT
admanager.js
cdn.bluebillywig.com/apps/player/20211115.130354/components/
44 B
481 B
Script
General
Full URL
https://cdn.bluebillywig.com/apps/player/20211115.130354/components/admanager.js
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/apps/player/20211115.130354/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d83682d408b8a5341dccb1e99215ef987833d80b13f28c2e19b91e1c4ea3df3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:05:00 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
age
1190
x-cache
Hit from cloudfront
content-length
44
last-modified
Mon, 15 Nov 2021 13:04:58 GMT
server
AmazonS3
etag
"3e5a0ee4658a47e9066d1c307c5ee323"
access-control-allow-methods
PUT, GET, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public,max-age=1209600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
DH75OagB09aPbJbRLWYmtAEaAoFDu_yv_3bCSBCWjMrpqk7sMdYUxQ==
ubuntu.css
cdn.bluebillywig.com/fonts/
555 B
985 B
Stylesheet
General
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:17:30 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
age
442
x-cache
Hit from cloudfront
content-length
555
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"2a6307abebf25c55ddb0722a4b7ef277"
access-control-allow-methods
PUT, GET, POST
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
TWSsylejY5IpdRCHm3URoeVUkfY2TT0E490JTfV9t81PfNwGnZ8q_Q==
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889422&pp=pubmatic&ev=xst&id=5PY67Lh08SPY&et=Session&cid=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&xr=&pt=%5Buntitled%5D&aup=1&aum=1&aul=0&sn=0
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
8V3vIUnmaLjLaDRLVHqEcQzBcSqS_HPLuc-IHUIjfGAcEWHrgeAing==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?vu=8449DF0E%2dF783%2d42D9%2dA52E%2d8B4058D9F797&pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889423&pp=pubmatic&pt=%5Buntitled%5D&pv=6.x&ev=it&id=0&ct=Kapook%20Outstream&pd=&vs=n%2Fa&rs=1600x1200&fs=0&mt=mainroll&du=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&xr=&aup=1&aum=1&aul=0&ut=commercial&sn=1
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
ivL6ZNIwayhgn80WmETBDW_AhQ_mrHN0iOVVDIEXxPI29AGiZ468jw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=poVUHnw1UXJ0c2FvWkx2UjdGS2xkL0dsR3pTRE9Zb0plMXMxZzJzbnpPTlhIZTU5N05aa3lUNDZicW1lSUtyNWpmZCtBRFd4MWY1aDllK2J5WFdONFFGaE5KZmZkMmtNL0tYK0pRbkltM2xBS1IrMlA1Q25TaUNkZjVVMERiTGNIRVUrYmRvbmI4eXN0SThLNWZkckhaSjYxUnh0TnZmM3lxK1dOeTVRSVl6VDFpeVQ4RkVTdU5kRDIwTDdFbGw4SkJYUHFiU3lGQit3aFBoTElpYklkRTEwL1lQOG9XQXVwY09OeEt2bkF0aE4yRDY2dWRIQTlKdXR5bzM2bzFtWEZuZ0hRfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1175
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
vary
Accept-Encoding
ubuntu.woff2
cdn.bluebillywig.com/fonts/
33 KB
34 KB
Font
General
Full URL
https://cdn.bluebillywig.com/fonts/ubuntu.woff2
Requested by
Host: cdn.bluebillywig.com
URL: https://cdn.bluebillywig.com/fonts/ubuntu.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1200:1d:47ad:2280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Request headers

Referer
https://cdn.bluebillywig.com/fonts/ubuntu.css
Origin
https://hilight.kapook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:13:44 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
age
667
x-cache
Hit from cloudfront
content-length
34260
last-modified
Tue, 18 May 2021 09:41:13 GMT
server
AmazonS3
etag
"5b23eeb3a32b30e91682d601535d2a89"
access-control-allow-methods
PUT, GET, POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
GAnYIaIB2OhaQr33T7Q_ZSx6HcxCdUmE63YM7jBDJG9d7wxItwVjHA==
collect
www.google-analytics.com/j/
4 B
122 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1462976491&t=pageview&_s=1&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&ul=en-us&de=UTF-8&dt=%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2%20%E0%B9%81%E0%B8%88%E0%B8%87%E0%B8%9B%E0%B8%A1%20%E0%B9%80%E0%B8%9A%E0%B8%99%E0%B8%8B%E0%B8%8A%E0%B8%99%E0%B8%88%E0%B8%B1%E0%B8%81%E0%B8%A3%E0%B8%A2%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%99%E0%B8%95%E0%B9%8C%20%E0%B8%AA%E0%B8%B2%E0%B8%A7%2021%20%E0%B9%80%E0%B8%AA%E0%B8%B5%E0%B8%A2%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%20%E0%B8%8A%E0%B8%B5%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%A1%E0%B8%B2%E0%B8%97%E0%B8%A3%E0%B9%88%E0%B8%A7%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=1845283712&gjid=580335333&cid=628602502.1637295889&tid=UA-36103152-15&_gid=132347295.1637295889&_r=1&_slc=1&z=603099116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
192 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1462976491&t=event&ni=1&_s=2&dl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&ul=en-us&de=UTF-8&dt=%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2%20%E0%B9%81%E0%B8%88%E0%B8%87%E0%B8%9B%E0%B8%A1%20%E0%B9%80%E0%B8%9A%E0%B8%99%E0%B8%8B%E0%B8%8A%E0%B8%99%E0%B8%88%E0%B8%B1%E0%B8%81%E0%B8%A3%E0%B8%A2%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%99%E0%B8%95%E0%B9%8C%20%E0%B8%AA%E0%B8%B2%E0%B8%A7%2021%20%E0%B9%80%E0%B8%AA%E0%B8%B5%E0%B8%A2%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%20%E0%B8%8A%E0%B8%B5%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%A1%E0%B8%B2%E0%B8%97%E0%B8%A3%E0%B9%88%E0%B8%A7%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Screentime&ea=Time%20on%20Screen&el=all-def&ev=1&_u=KGBAAAADQAAAAC~&jid=&gjid=&cid=628602502.1637295889&tid=UA-36103152-15&_gid=132347295.1637295889&z=277311712
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 23:31:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17614
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/
345 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
136 B
742 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hilight.kapook.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8fc532add3314545a52dde94fea2091845a6d1069005f831b7c40923db6f8ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Fri, 19 Nov 2021 04:24:49 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889541&pp=pubmatic&ev=xst&id=M8YYYwXmmUbx&et=View&cid=0&pid=5PY67Lh08SPY&pet=Session&fs=0&xu=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&xr=&pt=%5Buntitled%5D&iet=default&ut=commercial&sn=2
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
nVyOrsBx1XCKuZVmN8Lzh7EJHTTkkTDJ9zd-RpcShNzkDuouXKQuCA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889549&pp=pubmatic&ev=xit&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=M8YYYwXmmUbx&pet=View&ap=inarticle&sn=3
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
hdresRJZqTWL9tcDecq0kDaptdi9ZPwpXcHIlrDQVAeyXwZ20cjVeQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889550&pp=pubmatic&ev=xov&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=M8YYYwXmmUbx&pet=View&ap=inarticle&sn=4
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
g_XJt6kme7BaqNb8wKHzuywu9hJaHZKY3kEpxCOKVQgeRjisXUwVnQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889561&pp=pubmatic&ev=xit&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&sn=5
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
KQ3JiQ8W66aI3HAuptLd_N500U8i9OSGbDd3TvpJ68t2vQHn9wf-hw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36103152-15&cid=628602502.1637295889&jid=1845283712&gjid=580335333&_gid=132347295.1637295889&_u=KGBAAAACQAAAAC~&z=1825722183
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 19 Nov 2021 04:24:49 GMT
content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
graph.facebook.com/
232 B
651 B
Script
General
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&callback=_grf_09881820934671381
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baff1a934d373bb454702c82431c9c39a0503226583f69c784fe352c6c9da249
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004758908
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
176
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ijW40ExCBtSL9A4t4G4KVWcr4xgl2szuCwME5xWPXFWhH2/hqWzPEe6MVNnqudzTu4Dk6QCifTfA3G6Vj1w8DQ==
x-fb-trace-id
EWdsqZxltrF
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AiUceHUBBvL10Rfd7SR87yF
cache-control
no-store
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
share.php
vk.com/
21 B
479 B
Script
General
Full URL
https://vk.com/share.php?act=count&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&index=0
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.109351
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-frontend
front220007
server
kittenx
x-powered-by
KPHP/7.4.109351
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
41
dk
connect.ok.ru/
25 B
2 KB
Script
General
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
br
vary
Accept-Encoding
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame C369
580 KB
191 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 16 Nov 2021 04:10:30 GMT
expires
Wed, 16 Nov 2022 04:10:30 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
260059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 04:24:49 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889637&pp=pubmatic&ev=xls&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&sdk=GOOGLE_IMA&sn=6
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
rotgpJOWiEg_ixVahF7At0cOJvOwo35xMgqEKU4x3zUKIKrmR3r55A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
skrollr.min.js
my.kapook.com/jquery/
8 KB
9 KB
Script
General
Full URL
https://my.kapook.com/jquery/skrollr.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
638b569a555e5237e935eaa674fca4ef1317347d53c41171b811759c47534d0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-211b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8475
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
jquery.fbbutton.js
my.kapook.com/jquery/
10 KB
10 KB
Script
General
Full URL
https://my.kapook.com/jquery/jquery.fbbutton.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ab0335a147eedff460c9dcd5fd249b78606c81898e57db7397d1a4bacb962d5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Wed, 09 Jun 2021 14:06:01 GMT
etag
"60c0cac9-2714"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
10004
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
main_2020.js
my.kapook.com/angular/app/content_relate/js/
779 B
1 KB
Script
General
Full URL
https://my.kapook.com/angular/app/content_relate/js/main_2020.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
ebd473d7f288cf6fc7cd00a65cece7f14fa649b25b4f47effd1acc7ad5f4c1eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 14 May 2020 02:53:48 GMT
etag
"5ebcb2bc-30b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
779
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
jquery.tagCenter.js
my.kapook.com/jquery/
8 KB
9 KB
Script
General
Full URL
https://my.kapook.com/jquery/jquery.tagCenter.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
33ceac8852b43e0afb94ba6646ebda4654e9aba3c178e3d4819e4de6be134c8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-2176"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
8566
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
container_56d8ee121c51b14f6e964404.js
ssl-avd.innity.net/143/
8 KB
4 KB
Script
General
Full URL
https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/js_tag/dmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
aaf3814524bd89364709ba29a2bfc51a8934b7e55b925b9d706d3c3ae9f9f53b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:15:51 GMT
Server
nginx/1.18.0
ETag
"5f48bd37-20f7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=503957
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3228
Expires
Thu, 25 Nov 2021 00:24:06 GMT
1
cacheportal.kapook.com/tag/compound/tag/218540/hilight/
539 B
765 B
XHR
General
Full URL
https://cacheportal.kapook.com/tag/compound/tag/218540/hilight/1
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.254.43.243 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a4ddcd5757f5558d4903a2552265e2387b184d2e2a13f62d4d30aa8e251b74b2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
access-control-allow-methods
OPTIONS, HEAD, GET, POST, PUT, DELETE
access-control-allow-credentials
false
kp-cache-status
HIT
content-type
application/json
app.min.js
api.dmcdn.net/pxl/cpe/
62 KB
19 KB
Script
General
Full URL
https://api.dmcdn.net/pxl/cpe/app.min.js
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/client.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b55bcf7b09c0d7240291d5bbecc7f8fefe5ecff76945f5cef6873b5974b6ae8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
age
66952
server-timing
total;dur=16, dc;desc="dc3"
x-amz-request-id
B5M2VWD5NPZHJJGE
x-amz-id-2
79u90NfRJvpPr4TcOhiz87rs9pl/H1xccnRYjEWUgo+BgxxhBl21PlTqjPvcEESrhzQb7lYR9/s=
last-modified
Tue, 16 Nov 2021 14:22:24 GMT
server
DMS/1.0.42
etag
"b35dcf5123f8e1540de25115010a7dd4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
content-length
18542
timing-allow-origin
*
x-llid
385e75a1b51d8646942f227baabf5f5e
expires
Fri, 19 Nov 2021 09:48:57 GMT
comments.php
www.facebook.com/v2.12/plugins/ Frame 351E
0
0
Document
General
Full URL
https://www.facebook.com/v2.12/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dba942a7ad1d8%26domain%3Dhilight.kapook.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhilight.kapook.com%252Ff29c90c49adfa24%26relation%3Dparent.parent&container_width=1200&height=100&href=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&locale=th_TH&numposts=5&sdk=joey&version=v2.12&width=1200
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/th_TH/sdk.js?hash=19f49740d5e9778e64764d7cce61b3fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
KT+HgrV2XH3L88CixKsgGv/o5uDaheko2018iml13NU8E7Kok9DPadAtFnefIqMraG7hIsMR+hbxP0cqdolkQw==
content-length
0
date
Fri, 19 Nov 2021 04:24:49 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889704&pp=pubmatic&ev=xiv&id=kapook_outstream_live&et=~~02~~Unit&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&ap=inarticle&sn=7
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
pCi_wd0dMzX8uY-Ijneqg0MvyipBFzs0w260VKUHy6yoTgO7ynaIDw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12A4
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 19 Nov 2021 05:15:21 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=628602502.1637295889&jid=1845283712&_u=KGBAAAACQAAAAC~&z=1848730688
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36103152-15&cid=628602502.1637295889&jid=1845283712&_u=KGBAAAACQAAAAC~&z=1848730688
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1_150.jpg
hilight.kapook.com/img_cms2/user/rungtip/2021/accident/
133 KB
134 KB
Image
General
Full URL
https://hilight.kapook.com/img_cms2/user/rungtip/2021/accident/1_150.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
45d5e7cfe61e1d658856be3e90a9f57b4e79512497e2c47811cc7a44f430c75d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:25 GMT
last-modified
Thu, 18 Nov 2021 14:11:24 GMT
server
openresty/1.13.6.2
etag
"2150073-214ed-5d110bbccdb00"
content-type
image/jpeg
cache-control
private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
136429
kp-cache-status
HIT
2_141.jpg
hilight.kapook.com/img_cms2/user/rungtip/2021/accident/
124 KB
125 KB
Image
General
Full URL
https://hilight.kapook.com/img_cms2/user/rungtip/2021/accident/2_141.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
c2ff7f70b3225dcf12a96550ca4184fefd931e935eb7ea139b427411ce0031a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:25 GMT
last-modified
Thu, 18 Nov 2021 14:11:24 GMT
server
openresty/1.13.6.2
etag
"2150074-1f1d5-5d110bbccdb00"
content-type
image/jpeg
cache-control
private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
127445
kp-cache-status
HIT
3_118.jpg
hilight.kapook.com/img_cms2/user/rungtip/2021/accident/
164 KB
165 KB
Image
General
Full URL
https://hilight.kapook.com/img_cms2/user/rungtip/2021/accident/3_118.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
ea51adf4e82e91cf63f6ec6f08054cb7c7d332fc38521b5c057405a3ef4e9de0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:25 GMT
last-modified
Thu, 18 Nov 2021 14:11:24 GMT
server
openresty/1.13.6.2
etag
"295016c-290db-5d110bbccdb00"
content-type
image/jpeg
cache-control
private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
168155
kp-cache-status
HIT
i
delivery.adnuntius.com/
4 KB
2 KB
XHR
General
Full URL
https://delivery.adnuntius.com/i?tzo=-60&format=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.202.161.1 Rovigo, Italy, ASN20473 (AS-CHOOPA, US),
Reverse DNS
85.202.161.1.adnuntius.com
Software
/
Resource Hash
321691b61b4d66024fd0a56b52ace5707942bc2cb24e2b7479f8fd6e6de2ceab

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-adn-backend-server-id
fb8e1ff5
x-adn-diagnostic-request-id
9bcbef4cec58ea7bc9b3aadcda713853
content-length
1332
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
118 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hilight.kapook.com
date
Fri, 19 Nov 2021 04:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
dc.js
avd.innity.net/lib/
20 KB
7 KB
Script
General
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: ssl-avd.innity.net
URL: https://ssl-avd.innity.net/143/container_56d8ee121c51b14f6e964404.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 06:40:46 GMT
Server
nginx/1.20.1
ETag
"61725cee-5149-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1817904
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6407
Expires
Fri, 10 Dec 2021 05:23:13 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/
8 KB
3 KB
Script
General
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2483007
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Fri, 17 Dec 2021 22:08:16 GMT
/
pebed.dm-event.net/
15 B
363 B
Fetch
General
Full URL
https://pebed.dm-event.net/
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.59 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed2.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
5d5cee4ac52b3f494eabac4d
api.pxl.dailymotion.com/players/
926 B
1 KB
XHR
General
Full URL
https://api.pxl.dailymotion.com/players/5d5cee4ac52b3f494eabac4d?fields=config
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/pxl/cpe/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
nginx/1.15.6 /
Resource Hash
f651e0344ed67b104b79c3b8cfb88260a7f5bc6bc9ed9a70737ac09b7bdc7289
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Content-Encoding
gzip
Vary
Origin
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Length
444
X-Dm-Lb-Name
icscale-01-01
Expires
Fri, 19 Nov 2021 04:34:49 GMT
Last-Modified
Fri, 12 Jun 2020 13:48:43 GMT
Server
nginx/1.15.6
Access-Control-Max-Age
0
Access-Control-Allow-Methods
POST, DELETE, HEAD, OPTIONS, PUT, GET, PATCH
Content-Type
application/json
Access-Control-Allow-Origin
https://hilight.kapook.com
Access-Control-Expose-Headers
Cache-Control
max-age=600
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, X-HTTP-Method-Override, Content-Type, Accept
X-Proxy-Cache
HIT
/
avd.innity.com/dc/cb/
59 B
726 B
Script
General
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
46b0ab164ea126ec0a84ff9f6f17abc06fc6729f800e1c25cc22e793b98507de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Nov 2021 04:24:50 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame C369
941 B
840 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.453&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
63be908d043a6114d7a0899b8089d75366a3293530a42f85988260320f5436c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
578
expires
Fri, 19 Nov 2021 04:24:49 GMT
/
www.facebook.com/tr/ Frame BE0A
0
86 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://hilight.kapook.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
date
Fri, 19 Nov 2021 04:24:49 GMT
angular.min.js
my.kapook.com/angular/1.3.15/
123 KB
123 KB
Script
General
Full URL
https://my.kapook.com/angular/1.3.15/angular.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bc2258efd8fc7f792e0e6ccf033267cc3932082ee5c145ad2114afe64060942f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-1ebd5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
125909
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
angular-aria.min.js
my.kapook.com/angular/1.3.15/
3 KB
4 KB
Script
General
Full URL
https://my.kapook.com/angular/1.3.15/angular-aria.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-d05"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3333
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
angular-sanitize.min.js
my.kapook.com/angular/1.3.15/
6 KB
6 KB
Script
General
Full URL
https://my.kapook.com/angular/1.3.15/angular-sanitize.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1c37b9f272a717c741e9294666fec7c6f3bdfb63ca3544803f4770668047c788
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-17c0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
6080
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
angular-resource.min.js
my.kapook.com/angular/1.3.15/
3 KB
4 KB
Script
General
Full URL
https://my.kapook.com/angular/1.3.15/angular-resource.min.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fc856d4345031aa1129a23530aa157b64f231ae829b8e1954a2c80ae14ac9d71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:24:24 GMT
etag
"5c492fe8-dfe"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3582
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
fontface.css
my.kapook.com/fonts/display/
326 B
571 B
Stylesheet
General
Full URL
https://my.kapook.com/fonts/display/fontface.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
bd14d25fb8b5f98af810efea7049fad966e15e3c4bae892398398cacf2950e19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-146"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
relate_th.css
my.kapook.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://my.kapook.com/css/relate_th.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
786c04f75c9e13cec3f0aceccba3e6a87d9e1dff0a905fbf89c32ec104793c88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
W/"5c492fe9-b0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
headLoadComplete.js
my.kapook.com/jquery/
2 KB
2 KB
Script
General
Full URL
https://my.kapook.com/jquery/headLoadComplete.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
1cf1f7132ec2b6e9966d683b1fe193d130ae40191ec77e5449f3c3de6cb4456c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
last-modified
Thu, 24 Jan 2019 03:48:34 GMT
etag
"5c493592-646"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1606
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:49 GMT
csi
csi.gstatic.com/ Frame C369
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kw5vp5zc&c=519308075864&slotId=259654037932&fb=ima_html5-lima&sdkv=h.3.489.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=9&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44750822%2C44752052
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame E78C
52 KB
18 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df10c6040524c148b213dba8cc1b5585a53e60d58cdc95e90a866dab5bbc3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18601
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 23:24:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:35:26 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889894&pp=pubmatic&ev=xld&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&sdk=GOOGLE_IMA&sn=8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
KyKkDAY9EsvYmiGdI-WpTyZPdQ-ssd4kgUsRiHW_MY9UG3hy_e_jjQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889896&pp=pubmatic&ev=xst&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&sdk=GOOGLE_IMA&sn=9
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
kOwDEiatyjhw6VHl0oeRFbtA_qMJvoCe_hCYBbGp6xp64H12oH4Zpg==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889897&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&auc=kapook_outstream_live&lic=kapook_outstream_desktop&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=GOOGLE_IMA&sn=10
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
hTeEmclOgrbTfAY5ZYnah6-B_XGc6agnTvB71U-B6HukUYABr4bJGQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889898&pp=pubmatic&ev=xls&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=11
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
BNGgWf7Ukzm6PtMOoRC9sAZZDVL3C8RNo-n_lFdCWxOQpKx8qZBsRw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295889899&pp=pubmatic&ev=xld&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sdk=GOOGLE_IMA&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=60&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=12
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:49 GMT
Via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
DrfdCVpHDjnk8jOFq6GpUPSt__YRQUBbuZObuo2ds8Ns5KzKLIlYsw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame E78C
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.453&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
213 KB
46 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2353647329389365&correlator=131847392289727&output=ldjh&impl=fifs&eid=31063378%2C31063246&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)%2CHilight_news_300_2_PC%2Chilight_news_728_pc%2Chilight_news_970_pc%2C1px_hilight_PC_inread%2Cskin_hilight%2Cgallery_desktop_728%2CHilight_inter_mob&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1x1%7C300x250%2C300x250%7C1x1%7C300x600%2C728x90%7C1x1%2C970x250%7C1x1%2C1x1%2C1x1%7C1500x900%2C728x90%7C1x1%2C1x1&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=pwtsid_pubmatic%3D18e8b58f0a1a7ab%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D1916d32310f561d%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D20e19ef8c35a88%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2117540f8eb85b9%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2215ec35c9fe6ee%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D23d78827d688738%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2453ae26741cd3b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D2567e40dbcd3de7%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cookie_enabled=1&bc=31&abxe=1&lmt=1637295889&dt=1637295889930&dlt=1637295888019&idt=1695&frm=20&biw=1600&bih=1200&oid=2&adxs=1069%2C1069%2C436%2C315%2C231%2C100%2C-9%2C-9&adys=471%2C565%2C2180%2C439%2C639%2C301%2C-9%2C-9&adks=3445020646%2C719977154%2C937166789%2C4208516631%2C1060165196%2C1675199816%2C509936929%2C3326566163&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1578%7C300x1578%7C728x-1%7C1138x32%7C798x1568%7C1500x-1%7C0x-1%7C0x-1&msz=300x0%7C300x250%7C728x-1%7C1002x32%7C798x0%7C1500x-1%7C0x-1%7C0x-1&ga_vid=628602502.1637295889&ga_sid=1637295890&ga_hid=1462976491&ga_fc=true&fws=0%2C512%2C0%2C0%2C0%2C512%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
465099f20f471b460cd64714cf19acb077d5d595581433a55ec85a1afb726d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46612
x-xss-protection
0
google-lineitem-id
5445907630,5446139414,5445910228,5445903754,-2,-2,5410249604,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138319899124,138319434761,138319899841,138319897714,-2,-2,138315487331,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5EE1
6 KB
4 KB
Document
General
Full URL
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:49 GMT
expires
Sat, 19 Nov 2022 04:24:49 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2021111501.js
securepubads.g.doubleclick.net/gpt/
36 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
b92e76492322bd18e6bd6349530801a40b3393253125784a1cb1df6e97d37beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:49 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 055B
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56135
expires
Fri, 19 Nov 2021 20:00:24 GMT
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8E49
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.453&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=56135
expires
Fri, 19 Nov 2021 20:00:24 GMT
date
Fri, 19 Nov 2021 04:24:49 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E78C
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.453&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 10:00:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96ae-5ceb1b98ba7c4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=56135
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13882
expires
Fri, 19 Nov 2021 20:00:24 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 055B
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62215683&p=156743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
30464051c94e5d8e58c23a199d488299e323daa29c32e4a36dc9e5cc93fcd618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
goggen.php
lvs.truehits.in.th/
91 B
312 B
Image
General
Full URL
https://lvs.truehits.in.th/goggen.php?hc=a0000034&rand=918105&bv=0&rf=bookmark&web=rz6l7hZKSwGB4sE3dijacA%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=49DF6416.1&fp=d&fv=-&truehitspage=hilight_content&truehitsurl=https%3a//hilight.kapook.com/view/218540
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.151.144.224 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
224.144.151.203.sta.inet.co.th
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
server
nginx/1.14.0 (Ubuntu)
p3p
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type
image/jpeg
match
c1.adform.net/serving/cookie/ Frame 2D9F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759
35 B
477 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 19 Nov 2021 04:24:50 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 19 Nov 2021 04:24:50 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=BE2716F7-30AE-4399-BC2F-169452666759
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 088D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7718769723744663221
42 B
211 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7718769723744663221
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 19 Nov 2021 04:24:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug001:0:2430
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7718769723744663221
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 8A03
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 19 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
565300
Pug
simage2.pubmatic.com/AdServer/ Frame 13E1
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7032132301425997964
42 B
211 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7032132301425997964
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 19 Nov 2021 04:24:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug006:0:349
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 19 Nov 2021 04:24:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7032132301425997964
Pug
simage2.pubmatic.com/AdServer/ Frame A462
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZcnEgAFnq6JKABR&gdpr=0&gdpr_consent=&_test=YZcnEgAFnq6JKABR
1 B
256 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZcnEgAFnq6JKABR&gdpr=0&gdpr_consent=&_test=YZcnEgAFnq6JKABR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 19 Nov 2021 04:24:50 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug014:0:391
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZcnEgAFnq6JKABR&gdpr=0&gdpr_consent=&_test=YZcnEgAFnq6JKABR
accept-ranges
bytes
date
Fri, 19 Nov 2021 04:24:50 GMT
via
1.1 varnish
x-served-by
cache-fra19155-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1637295890.156319,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 2022
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCYXpVN0RMazRBQUN0SUptTVN5Zw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.68.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-68-151.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 19 Nov 2021 04:24:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 055B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vicW9zCuQ5m8LxaUUmZnWQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vicW9zCuQ5m8LxaUUmZnWQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=82744
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 20 Nov 2021 03:23:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9abc6197-2712-4400-bcfc-37bf5b4501dc
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9abc6197-2712-4400-bcfc-37bf5b4501dc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9abc6197-2712-4400-bcfc-37bf5b4501dc
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Nov 2021 04:24:49 GMT
/
pixel.onaudience.com/ Frame 055B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=BE2716F7-30AE-4399-BC2F-169452666759
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0ebbabc8f069676fe2a9e60ff3fc0e78
35 B
248 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0ebbabc8f069676fe2a9e60ff3fc0e78
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-5.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Fri, 19 Nov 2021 04:24:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0ebbabc8f069676fe2a9e60ff3fc0e78
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkUyNzE2RjctMzBBRS00Mzk5LUJDMkYtMTY5NDUyNjY2NzU5&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkUyNzE2RjctMzBBRS00Mzk5LUJDMkYtMTY5NDUyNjY2NzU5&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:380
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPVqgjKbK0cRBBlRnS_TFB0&google_cver=1
42 B
363 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPVqgjKbK0cRBBlRnS_TFB0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPVqgjKbK0cRBBlRnS_TFB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 055B
43 B
618 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 18 Nov 2021 04:24:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:72346197-2712-4b00-98b9-5c699e4a7ee9&gdpr=0&gdpr_consent=
42 B
650 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:72346197-2712-4b00-98b9-5c699e4a7ee9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:403
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:72346197-2712-4b00-98b9-5c699e4a7ee9&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Nov 2021 04:24:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1656506002516051173
42 B
233 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1656506002516051173
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1656506002516051173
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa333b71-86fe-4481-b0c9-a823e9599e2c
42 B
293 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa333b71-86fe-4481-b0c9-a823e9599e2c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa333b71-86fe-4481-b0c9-a823e9599e2c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2420107947521994681&gdpr=0&gdpr_consent=
42 B
210 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2420107947521994681&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:375
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
541de0bb-c0cc-4514-8382-7d358292a12d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2420107947521994681&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
BE2716F7-30AE-4399-BC2F-169452666759
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 055B
43 B
838 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BE2716F7-30AE-4399-BC2F-169452666759?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE2716F7-30AE-4399-BC2F-169452666759&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE2716F7-30AE-4399-BC2F-169452666759&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M4WMVARE2uVB..CGogfpxxaEu6We6Jo-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M4WMVARE2uVB..CGogfpxxaEu6We6Jo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M4WMVARE2uVB..CGogfpxxaEu6We6Jo-~A&gdpr=0&gdpr_consent=
date
Fri, 19 Nov 2021 04:24:50 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc
42 B
311 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:512
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559721635898175&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e1b4037d-54e8-471d-8d01-a5d017ab0847&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e1b4037d-54e8-471d-8d01-a5d017ab0847&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:459
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e1b4037d-54e8-471d-8d01-a5d017ab0847&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 19 Nov 2021 04:24:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 055B
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BE2716F7-30AE-4399-BC2F-169452666759&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4284361552413621268&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4284361552413621268&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:486
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4284361552413621268&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 055B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:382689f1-fcd7-47d5-bb96-5a075f819b08&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:382689f1-fcd7-47d5-bb96-5a075f819b08&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:382689f1-fcd7-47d5-bb96-5a075f819b08&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
app_t.js
my.kapook.com/angular/app/content_relate/js/
9 KB
10 KB
Script
General
Full URL
https://my.kapook.com/angular/app/content_relate/js/app_t.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
2f54e8a76f78dc7236969087cfef1e06b5ef42fc4f96ab8c5dd29180e36267ec
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Thu, 24 Jan 2019 03:24:25 GMT
etag
"5c492fe9-258d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
9613
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
signin-drt.js
my.kapook.com/signin_2020/js/
3 KB
3 KB
Script
General
Full URL
https://my.kapook.com/signin_2020/js/signin-drt.js
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/head.load.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
760ab9911c00c318c2ccfa343765c3c40fe4fd218137dc639cff9aacec12f8f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Wed, 20 May 2020 08:35:07 GMT
etag
"5ec4ebbb-c3e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
3134
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
/
graph.facebook.com/v2.3/
262 B
514 B
Script
General
Full URL
https://graph.facebook.com/v2.3/?id=https://hilight.kapook.com/view/218540&fields=og_object{engagement}&access_token=370377049760317|319b3e98932ed33ff3315808c9b53879&callback=jQuery19107618084227284538_1637295889174&_=1637295889175
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73cbce14c5fd57abf58ec408e249185f14703c2885a37fd469addc2c99c981ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"ba2b76fddf7e3fb0a258aa4cd9e30c6bdae109a4"
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
cross-origin-resource-policy
cross-origin
x-fb-rev
1004758908
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
185
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
1o1HFb5M6onUUWuX+zMrxCNjtZt2zuStCw4sICd2zKeBCqOjRV/R6pp7tW2b4fXi3Dz1l7NRQaPdsJ0Cp+hKiQ==
x-fb-trace-id
FVIs9CWI/jQ
date
Fri, 19 Nov 2021 04:24:50 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AMLkN6JsN-RKjiW0jkCmKRE
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v5.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
list
a.giraff.io/rtb/match/
237 B
648 B
XHR
General
Full URL
https://a.giraff.io/rtb/match/list
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.131 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9cb46df45ab7550f47004e885582a412d0b5008c3d8e5b67bdea86db4aaf450f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hilight.kapook.com
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
399294.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399294.js?json=1&async=1&cs=utf-8&rand=0.29166371569412153&num=1&as=&callback=callback5567399722771675
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
f721bcad48ab572477de1c1b5f547cd92c52beb0afc5cd6681b6d604aecb3b42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
4_95.jpg
hilight.kapook.com/img_cms2/user/rungtip/2021/accident/
81 KB
81 KB
Image
General
Full URL
https://hilight.kapook.com/img_cms2/user/rungtip/2021/accident/4_95.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
fc8c790b6a33e61d31a8d3904d28d2c58ad4ad9daf87a18e4d253eb61e96391d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:26 GMT
last-modified
Thu, 18 Nov 2021 14:11:24 GMT
server
openresty/1.13.6.2
etag
"295016d-142a8-5d110bbccdb00"
content-type
image/jpeg
cache-control
private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
82600
kp-cache-status
HIT
5_65.jpg
hilight.kapook.com/img_cms2/user/rungtip/2021/accident/
86 KB
86 KB
Image
General
Full URL
https://hilight.kapook.com/img_cms2/user/rungtip/2021/accident/5_65.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
461936dc0a0933f6e2ccb6004a5c9e571303d356c8da26517f3fb2b57e2e0068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:26 GMT
last-modified
Thu, 18 Nov 2021 14:11:24 GMT
server
openresty/1.13.6.2
etag
"295016e-1560d-5d110bbccdb00"
content-type
image/jpeg
cache-control
private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
content-length
87565
kp-cache-status
HIT
1418238997
s.uuidksinc.net/match/246/
74 B
241 B
Image
General
Full URL
https://s.uuidksinc.net/match/246/1418238997
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
sync.cgi
ssp.adriver.ru/cgi-bin/
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=1418238997
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.gif
stat.media/counter/
43 B
265 B
Image
General
Full URL
https://stat.media/counter/sync.gif?system=directadvert&ext_uid=1418238997
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sm-server1-1.ssel24.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
nginx
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
expires
0
1418238997
s.uuidksinc.net/match/618/
74 B
241 B
Image
General
Full URL
https://s.uuidksinc.net/match/618/1418238997
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
my-profile.html
my.kapook.com/signin_2020/templates/
1 KB
940 B
XHR
General
Full URL
https://my.kapook.com/signin_2020/templates/my-profile.html
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d3b3a603c3c709ff564c8f2e3ea5703116008e997674664f3f341ead54bd6958
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept
application/json, text/plain, */*
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 08:52:41 GMT
etag
W/"5ed8b659-4b4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
bulk
connect.thelead.tech/event/
77 B
228 B
XHR
General
Full URL
https://connect.thelead.tech/event/bulk
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
bdc42aa4a949710671f730141ba5a5b67a8cfac29d8b501646b729c210ca5f21
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
vary
Origin
content-length
77
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
view
securepubads.g.doubleclick.net/pcs/ Frame 6B9D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYntlsZ29Imk4379aJfz0iph2YiwNSlkICOE3KqgvUtT2bJr5yCqgkQrlAh3tFrmg8ThhL7Su9-HUl7_uWizXvFqHQ8orlB8SgmwvohqwOiO_-E4BRV00y9XVOiPkeqzbeD8Pq3v-T3vwF9kI49utciR0u6wNJI5qbbd_dTGw8bsXuZOrb4OKgYL6OiUzRA3m47aWx3i0eM1F4Zarthub7ZoV09u0WDTirhCrTF-qgbTEE4nKXofobzNdthusThmQH8B8oOQxVzyDENY6wALjhtPDD8n34APctKDenDXdQmK5WB6djWDBJId7ff_-2D0plUYnqrvLbBwhKD6Ih0yNJmBTWCM9v&sai=AMfl-YSTKXu1qZ-vDZZhyrR5_YlvIMDvTusqmHhgXGZkonJsPvst8yJO4HHKyCR6V60IUqFLPxO-OGFzO7MpCq7SHVCulH8-zX2JXsaPiv3rfIzDbkPxTowUMlrEPEePsTU&sig=Cg0ArKJSzLWXn_iedRUPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 6B9D
30 KB
9 KB
Script
General
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2351
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Fri, 19 Nov 2021 05:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B9D
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 017F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWHdApLEWD2g3KcUxK9KiO2HcVbDRBgbm7J4-1S2dpSgviyLjo8PtnYHwCPIyln0eX85HV5Lxt8BYbOZLv7v0qwXsPfAE52fn3W_VBQIP7kFUs_NFRyOmG84tZR78CKBQ2SocY3QhdNsdU8x61sAfRDoPFCQcaxTKy6O8996kBSiBY0prXjYJujYIosZc1LE1Os04bM0A2OObVlVn1hiqPGZf_FV9uudmXfhWc-0ykOOMasR4e2QHOWuPgCJHO8HOb7XFuyuNBWt7JzNDFfb-56MEb_0UkKEGNOlrNna4uLhRkmGSoO80GFAqf0seuKnk8k0bFnKW2498&sai=AMfl-YSZrXjliTytgwQuUV2uk047UclQAwwv9cfzOrK1qyBhmi1d8vVIxcuUtQJ-yGmI06XNg5nIMwXp8U-17q_vyDaO4Gu0imn_PtFNkm53BNUwkLbeztAwLyfyL3K6YTk&sig=Cg0ArKJSzOD5Mi76D5DGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 017F
30 KB
9 KB
Script
General
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2351
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Fri, 19 Nov 2021 05:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 017F
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0844
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwJ3B4ySyT-UEJ-S6L5NBgIDnyHRerqbJfmEaWWFHhPt7Kz3J8aW8AWTxlbaJ2ope8uTGfQ8SPHzrn6o4V7Vp5k34aYQEYzEUBWuJYcljKqPUwGW7ID33avOr5urfOXU6hg3n12ev59eBSNih_OjNbKiT077gsDupbZ-8dSBzN03JSQRP_ZCGM9vZNU5ifNAtl6eN9LFLWvCyeXRPCie2OWTvAn0QJ6VlWRK-TLnZLv7_Az-luddWuO2o4HW-LQYi7xJCyBC92dhAU4sb37z9D2fFJIOpKZbYGg4ecmVNDFqp4gsHH-6M_cfBodU-ag0YRmqo&sai=AMfl-YSu3kwbtdwlp-qkpdjY7OSqc0AL50dnO62v_Lb7aiY8z8qfjru7ewfsYtbPAuQSkXKFeLa9jHDfVhHBQwQ_YD6UU4v4odgrggSVrvAi0GpH0FBGqVDcwEYDtBOVvGo&sig=Cg0ArKJSzJy7kegOsn2dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 0844
30 KB
9 KB
Script
General
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2351
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Fri, 19 Nov 2021 05:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0844
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:50 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame E78C
27 B
553 B
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=449&vw=798&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+7+6&gdpr=0&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&cb=1637295889954&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-11-19%204:24:50&ranreq=0.1309915431158537&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156743&siteId=670822&adId=2752542&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=0&vw=798.453&placement=5&vtype=1&vpos=1&vplay=1+2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=&gdpr_consent=&schain=&us_privacy=&kadpageurl=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 5C43
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRgC47rJUxwaa3hAbNDLJxl-qWALK30ag1mXhN7e8Qrzynmxu2ZsVgYMe7IFtBSZQQdlZBd4WkONaO7JwNpi3Osg2SNYEIXHrsbuwuYnGgRHfDgmjPWssaDyynn6TqnMbw3HRUPb5tfjtg0z6HHwbdTK_pmVVAEiPytlG5axuuTIf1hfAo9YtNfHHU9gBlfwqRGCpjTRSonW7WJJuv4cuN4RLUmh1kgqCW7JQh2zPZna_1GY9RQbdY6IS-y4b6op8QjuUa-w69hERHoA4FmmM5cyG1Gh-hceOIzF2_jpMXD6bzLdhhsBjze-Xadg9jdmgPGhAw&sai=AMfl-YSnMBOuN0aHLiBnHRtGTuHrLcC0LxkHU0-A1LnAVm-cvPiwJiUdFVcqBZsUAvHvpX0zHtbBehd93GGu4HirUe5i5y31vieYYVoA9n8AqfFNycSTL4tGIkg1_fnS-QQ&sig=Cg0ArKJSzNGGxUmdHkPpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
22392.js
ads.rubiconproject.com/ad/ Frame 5C43
30 KB
9 KB
Script
General
Full URL
https://ads.rubiconproject.com/ad/22392.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2351
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Fri, 19 Nov 2021 05:04:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C43
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:50 GMT
container.html
88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 947B
6 KB
3 KB
Document
General
Full URL
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:49 GMT
expires
Sat, 19 Nov 2022 04:24:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
me
api-center.kapook.com/v1/market/ Frame
0
0
Preflight
General
Full URL
https://api-center.kapook.com/v1/market/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
kuid
Origin
https://hilight.kapook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-type
application/json; charset=UTF-8
content-length
21
vary
Accept-Encoding
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
me
api-center.kapook.com/v1/market/
55 B
570 B
XHR
General
Full URL
https://api-center.kapook.com/v1/market/me
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/angular/1.3.15/angular.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
237109949b73d2ee41a8d07042fc132ef14bcb34f443374eb98622686f62ca9f

Request headers

Accept
application/json, text/plain, */*
Kuid
Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
X-Mx-ReqToken,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Custom-Header,Upgrade-Insecure-Requests,, X-Requested-With,Accept,Content-Type,X-Custom-Header,Upgrade-Insecure-Requests,Kuid,Kcuid,Token,Origin
content-length
79
ic_create.svg
my.kapook.com/signin_2017/svg/
630 B
1012 B
Image
General
Full URL
https://my.kapook.com/signin_2017/svg/ic_create.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
591e83b3346c9a91bb0ac1c9c658fae064d1b61e238b2efb2f213215323a9882
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-276"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
630
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
ic_settings.svg
my.kapook.com/signin_2017/svg/
1 KB
1 KB
Image
General
Full URL
https://my.kapook.com/signin_2017/svg/ic_settings.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
27cccbf9ebf3d40c6f0e333a63884e8970b1ad2d87b45665cdba5bc299895fff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-476"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
1142
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
sign-out.svg
my.kapook.com/signin_2017/svg/
709 B
1 KB
Image
General
Full URL
https://my.kapook.com/signin_2017/svg/sign-out.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9dfde2ba9c506a2ff3279b128416b5c9b53f819ffffa56c0756d7619a74543fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2c5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
709
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
switch2.svg
my.kapook.com/portal_config_desktop/header/svg/
756 B
1 KB
Image
General
Full URL
https://my.kapook.com/portal_config_desktop/header/svg/switch2.svg
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/css/portal/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
5a298162070e6c98a3babbbacfb38fb188d1ea28e7f14c61524426b4414f2cba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.kapook.com/css/portal/theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
last-modified
Thu, 24 Jan 2019 03:48:35 GMT
etag
"5c493593-2f4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
content-length
756
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:50 GMT
1774396-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 017F
2 KB
2 KB
Script
General
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.37994761399426324&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f1f779cf00fa560698197236fefc380cc09cc19ac832f97341f4acbaefcd492a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1014
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774394-15.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 6B9D
2 KB
2 KB
Script
General
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.6670367631187677&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
92e4092dbacfbf189bb993d6c7a884b97c810676465275dd4cc343d1b28f5766

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1028
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774398-2.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 0844
2 KB
2 KB
Script
General
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.31735777247206687&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2c4dfa47688b11bbd75dba8e7c3b30416dd39e2de1c842d3330b4fce3ebcfbae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1004
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1774392-57.js
smarttag.rubiconproject.com/a/22392/330930/ Frame 5C43
2 KB
2 KB
Script
General
Full URL
https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.0741198741267779&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22392.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c89c9fc7bc0bcd36a7b5a9ff75bd3f7a977a184759edc2bb53a4f65770c7c9e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1007
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
avd.innity.com/dc/
43 B
609 B
Image
General
Full URL
https://avd.innity.com/dc/?cl=143&cuid=ca3a0ecf5539c096035fe7d0381afe36&cb=1637295890545&douid=&sess=166716972.143.1637295890544&dur=0&ref=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&srf=&pk=&pt=%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%A9%E0%B8%B1%E0%B8%97%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B1%E0%B8%99%E0%B8%A0%E0%B8%B1%E0%B8%A2%20%E0%B9%81%E0%B8%88%E0%B8%87%E0%B8%9B%E0%B8%A1%20%E0%B9%80%E0%B8%9A%E0%B8%99%E0%B8%8B%E0%B8%8A%E0%B8%99%E0%B8%88%E0%B8%B1%E0%B8%81%E0%B8%A3%E0%B8%A2%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%99%E0%B8%95%E0%B9%8C%20%E0%B8%AA%E0%B8%B2%E0%B8%A7%2021%20%E0%B9%80%E0%B8%AA%E0%B8%B5%E0%B8%A2%E0%B8%8A%E0%B8%B5%E0%B8%A7%E0%B8%B4%E0%B8%95%20%E0%B8%8A%E0%B8%B5%E0%B9%89%E0%B9%80%E0%B8%9B%E0%B9%87%E0%B8%99%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%A1%E0%B8%B2%E0%B8%97%E0%B8%A3%E0%B9%88%E0%B8%A7%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Last-Modified
Fri, 19 Nov 2021 04:24:50 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/
43 B
471 B
Image
General
Full URL
https://avd.innity.com/sync/?partner=innity&token=ca3a0ecf5539c096035fe7d0381afe36&type=cookie&itmcb=1637295890545
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
Last-Modified
Fri, 19 Nov 2021 04:24:50 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
track
aktrack.pubmatic.com/ Frame E78C
0
0

track
aktrack.pubmatic.com/ Frame C369
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1637295889&wa=0&e=96&ier=901
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-length
0
content-type
text/html
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295890581&pp=pubmatic&ev=xpf&id=kapook_outstream_desktop&et=LineItem&cid=0&pid=kapook_outstream_live&pet=~~02~~Unit&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&sn=13
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
io5hR1NfebIyACRz_ggTrOYa3FFMBbbktf044tKU2qzVuryhxgsFUQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295890583&pp=pubmatic&ev=xit&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&auc=kapook_outstream_live&lic=kapook_outstream_desktop&~~00~~p_ap=1&~~00~~p_ib=false&~~00~~p_md=0&~~00~~p_pi=0&~~00~~p_to=0&~~00~~p_ta=1&sdk=&sn=14
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
nNBSJ4TKffOwUPQIg92jMDdJSVupqmvneQ-TlcQU2kqQrrTwgp4CrQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295890584&pp=pubmatic&ev=xpf&id=l7dqwKQlhiy6&et=Creative&cid=0&pid=M8YYYwXmmUbx&pet=View&abd=0&at=generic&ap=inarticle&ar=https%3A%2F%2Fvpaid.pubmatic.com%2F~~00~~s%2Fvideo%2Fv~~00~~tag.html%3F~~00~~type%3D13%26pubId%3D156743%26siteId%3D670822%26~~00~~Id%3D2752542%26v~~00~~Fmt%3D3%26vapi%3D2%26vminl%3D5%26vmaxl%3D60%26vh%3D0%26vw%3D798.453%26placement%3D5%26vtype%3D1%26vpos%3D1%26vplay%3D1%2B2%26vskip%3D0%26vcom%3D0%26vfmt%3D1%2B5%2B6%2B7%26sec%3D1%26gdpr%3D%26gdpr_consent%3D%26schain%3D%26us_privacy%3D%26k~~00~~pageurl%3Dhttps%253A%252F%252Fhilight.kapook.com%252Fview%252F218540&why=~~02~~Error%20901%3A%20An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%20Caused%20by%3A%20Error%3A%20Error%3A%20%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A101%2C%22errorMessage%22%3A%22Invalid%2FEmpty%20VAST%20Response%20from%20PubMatic%20~~02~~%20Server%22%2C%22actualErrorMessage%22%3A%22%3CVAST%20version%3D%5C%222.0%5C%22%3E%3C%2FVAST%3E%22%7D&~~00~~i=PM_VPAID_~~03~~&~~00~~t=VPAID&~~00~~s=PubMatic&~~00~~l=true&~~00~~d=60&auc=kapook_outstream_live&lic=kapook_outstream_desktop&sn=15
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
5DBrb5KHelb50ikStkqTaOgNmPPCec_NFeDJFO9sf950JBo83hHpNQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/
43 B
516 B
Image
General
Full URL
https://stats.mainroll.com/?pm=html5&sid=bqDP6grbq4if&prid=&ts=1637295890591&pp=pubmatic&ev=xfn&id=M8YYYwXmmUbx&et=View&cid=0&pid=5PY67Lh08SPY&pet=Session&abd=0&fs=0&sn=16
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-111.fra50.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
rRCRkoQx20_ktE1Sv2qEkKhlUYWF33_p0IgTolwbZeiKQpFRgt_xvw==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6B9D
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.6670367631187677&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
8a3b04610b638de417f7fcc5f16dd25402e366cf46579fb0610749660a1aafa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 26 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26816
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.html
eus.rubiconproject.com/ Frame 0D7D
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774394-15.js?&cb=0.6670367631187677&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Nov 2021 04:24:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
c05124a9-61c9-4ba8-b97c-34aacc940d56
beacon-fra2.rubiconproject.com/beacon/d/ Frame 6B9D
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/c05124a9-61c9-4ba8-b97c-34aacc940d56?oo=0&accountId=22392&siteId=330930&zoneId=1774394&sizeId=15&e=6A1E40E384DA563B7458E21AF51EC93132C093BBFCBF7C7903D489D8551B0F2FCBEA37B74FB9E68225CA88A8D6564A83172DB22D3B21A9B5FCC6EEF238692D9A105952823B0B1B62B8EFC21D83CF2A4C63AF685AF18256F3EA7A332F0F32A4B935CBE611646138C98FFA74A694F614E4D82D574BB593C59832997889F1DA11D8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 6B9D
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0598f6bd96146e80c02b36de081942587425b10757f98d935aa70a1c760cb32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5C43
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.0741198741267779&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 850 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.html
eus.rubiconproject.com/ Frame D2E0
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774392-57.js?&cb=0.0741198741267779&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_57&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Nov 2021 04:24:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
834bdbe0-225a-40eb-85e4-e7a767739010
beacon-fra2.rubiconproject.com/beacon/d/ Frame 5C43
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/834bdbe0-225a-40eb-85e4-e7a767739010?oo=0&accountId=22392&siteId=330930&zoneId=1774392&sizeId=57&e=6A1E40E384DA563B5A75C119D56F50DD25ADCABE32DA92A780F21F1627F47986A8F89921123D8F24E2CA747742FB9191172DB22D3B21A9B52A314D5F40754816105952823B0B1B62B8EFC21D83CF2A4C63AF685AF18256F3EA7A332F0F32A4B9C49F716F59A6AEA994DEF051553E6CEAD82D574BB593C59832997889F1DA11D8
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 5C43
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a682188b461bbbcf5da4add2ec9ca4ba86d9cbf1c19fae6def913a84f8da0c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0844
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.31735777247206687&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d7bb934e518c87d758dd90505d1ed7c16de4f044fcd666156cde2050c10802c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 322 of 1000 / last-modified: 1637276723"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26822
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.html
eus.rubiconproject.com/ Frame 06B5
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774398-2.js?&cb=0.31735777247206687&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=330930_2&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Nov 2021 04:24:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
180b19ac-624b-4d83-9847-c1f2d69fb5bf
beacon-fra2.rubiconproject.com/beacon/d/ Frame 0844
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/180b19ac-624b-4d83-9847-c1f2d69fb5bf?oo=0&accountId=22392&siteId=330930&zoneId=1774398&sizeId=2&e=6A1E40E384DA563B0F9CDA820604D4350829FDBCFDD2B82CB09B5D491816636F50596CBF3CC0B1121A835BF8B27B733E172DB22D3B21A9B5FCC6EEF238692D9A105952823B0B1B62B8EFC21D83CF2A4C63AF685AF18256F3EA7A332F0F32A4B90CE1096DEA0C9A072F681A2D753127BB06ED968E8680843595BCEA9A1A431B34
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 0844
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cfd6be94f5fe5fed376b185db31c537e0ae0eada1c6877ea81312368aea4c8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 017F
78 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.37994761399426324&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
537f05a68252d9bfd7f05788fdf4f0755f1d7408855be918a5cfdc893050ea14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1048 / 632 of 1000 / last-modified: 1637276782"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26933
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.html
eus.rubiconproject.com/ Frame 25C2
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/22392/330930/1774396-15.js?&cb=0.37994761399426324&tk_st=1&rf=https%3A//hilight.kapook.com/view/218540&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=330930_15&rp_secure=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Nov 2021 04:24:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
2c58b008-e981-482d-b3d2-29ce77b0c307
beacon-fra2.rubiconproject.com/beacon/d/ Frame 017F
43 B
354 B
Image
General
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/2c58b008-e981-482d-b3d2-29ce77b0c307?oo=0&accountId=22392&siteId=330930&zoneId=1774396&sizeId=15&e=6A1E40E384DA563BC955FAED2D13323CE372F795641EFFA1C39A626B268EB87FB55BFEC0F35E4759424105C3BFD9432C172DB22D3B21A9B5FCC6EEF238692D9A105952823B0B1B62B8EFC21D83CF2A4C63AF685AF18256F3EA7A332F0F32A4B95C89A9B4755CB9167A8E61F182D621E906ED968E8680843595BCEA9A1A431B34
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:50 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 017F
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5063b4d545a41e524c13af9e390b6aafdb06f8c1d3167162ef5c9d20f660a54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ Frame 6B9D
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
thumb_20572_58b668c360712.jpg
cms.kapook.com/uploads/tag/21/
12 KB
12 KB
Image
General
Full URL
https://cms.kapook.com/uploads/tag/21/thumb_20572_58b668c360712.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
278435d6363e75af1589f34c3a2be4ad950a3fcbeada286ef6a0282436c2ddbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Wed, 01 Mar 2017 06:22:59 GMT
etag
"4a0211-2f06-549a5580976c0"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
12038
kp-cache-status
MISS, HIT
expires
Fri, 19 Nov 2021 04:54:51 GMT
thumb_5541_56f8facad26aa.jpg
cms.kapook.com/uploads/tag/6/
18 KB
18 KB
Image
General
Full URL
https://cms.kapook.com/uploads/tag/6/thumb_5541_56f8facad26aa.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.241 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
42c56f0c2feff0c1c40ed1ee9f28c3deec7b29edefb43d50502f6a6d48623949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Mon, 28 Mar 2016 09:35:06 GMT
etag
"4ae0bd-4603-52f18a0bcc680"
content-type
image/jpeg
cache-control
max-age=1800, private, must-revalidate
accept-ranges
bytes
content-length
17923
kp-cache-status
MISS, HIT
expires
Fri, 19 Nov 2021 04:54:51 GMT
usync.js
eus.rubiconproject.com/ Frame 0D7D
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e914bfc9c6e45d94cc0e9c1b75a2f7180428f46ecce8e2695731853c9602c6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:00:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79086
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9512
Expires
Sat, 20 Nov 2021 02:22:56 GMT
usync.js
eus.rubiconproject.com/ Frame D2E0
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e914bfc9c6e45d94cc0e9c1b75a2f7180428f46ecce8e2695731853c9602c6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:00:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79086
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9512
Expires
Sat, 20 Nov 2021 02:22:56 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ Frame 5C43
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.js
eus.rubiconproject.com/ Frame 06B5
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e914bfc9c6e45d94cc0e9c1b75a2f7180428f46ecce8e2695731853c9602c6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:00:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79086
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9512
Expires
Sat, 20 Nov 2021 02:22:56 GMT
pubads_impl_2021111501.js
securepubads.g.doubleclick.net/gpt/ Frame 0844
345 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
be5913c6e9820dae39a9bdadbd7bfd525f076299fe92ac078cc668abc56d9550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118768
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 09:34:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
usync.js
eus.rubiconproject.com/ Frame 25C2
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e914bfc9c6e45d94cc0e9c1b75a2f7180428f46ecce8e2695731853c9602c6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:00:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79086
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9512
Expires
Sat, 20 Nov 2021 02:22:56 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 017F
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 19 Nov 2021 04:24:50 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6B9D
248 B
414 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=hilight.kapook.com&callback=_gfp_s_&client=16357739&gpid_exp=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f1259058440967c44906abd94210fd46d4d09da874483152e3495bedf41ebfd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6B9D
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6B9D
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6B9D
27 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2738726165626683&correlator=3835430497415869&output=ldjh&impl=fif&eid=31063205%2C31063138%2C31060032%2C31062930&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=16357739%2CBloomblock_Hilight_300x250_ATF_(18)&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C336x280%7C300x250&prev_scp=passback%3Dmagnite&cookie=ID%3D404367f25c1adfed-22427affdbcb007e%3AT%3D1637295889%3AS%3DALNI_MbUNE4801XC0LF3pZSE77SKMjphUQ&cdm=hilight.kapook.com&bc=31&abxe=1&lmt=1637295890&dt=1637295890803&dlt=1637295890456&idt=336&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=672&adks=3850129567&ucis=up68xuyybxrm&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=628602502.1637295889&ga_sid=1637295891&ga_hid=1995723841&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
0155a6be45616060c044f3889a174d71a8cbba6bccf0d2bfecb3ef8c3911a601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13788
x-xss-protection
0
google-lineitem-id
5409938773
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522807
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7a4b54d052e77aee9c6d2a1cfefa2a6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 543C
6 KB
3 KB
Document
General
Full URL
https://7a4b54d052e77aee9c6d2a1cfefa2a6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 5C43
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5C43
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5C43
21 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2584317764332855&correlator=771483194677528&output=ldjh&impl=fif&eid=31062930&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=16357739%2Chilight_news_970_pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1x1&prev_scp=passback%3Dmagnite&cookie=ID%3D404367f25c1adfed-22427affdbcb007e%3AT%3D1637295889%3AS%3DALNI_MbUNE4801XC0LF3pZSE77SKMjphUQ&cdm=hilight.kapook.com&bc=31&abxe=1&lmt=1637295890&dt=1637295890837&dlt=1637295890484&idt=345&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=390&adks=1922974829&ucis=tfqwbsc3p3i3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=628602502.1637295889&ga_sid=1637295891&ga_hid=1274056840&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
7f2e4ff471eeb00fdcfe65903def339eb79d799e649f39d9f3bf2d98caf175df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9674
x-xss-protection
0
google-lineitem-id
5409937915
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315522582
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D81
6 KB
3 KB
Document
General
Full URL
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 0844
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0844
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0844
26 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3676277363720707&correlator=2450967875340025&output=ldjh&impl=fif&eid=31062930&vrg=2021111501&ptt=17&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=16357739%2Chilight_news_728_pc&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&prev_scp=passback%3Dmagnite&cookie=ID%3D404367f25c1adfed-22427affdbcb007e%3AT%3D1637295889%3AS%3DALNI_MbUNE4801XC0LF3pZSE77SKMjphUQ&cdm=hilight.kapook.com&bc=31&abxe=1&lmt=1637295890&dt=1637295890853&dlt=1637295890464&idt=381&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=2704&adks=691421833&ucis=opvn0umv4k91&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=628602502.1637295889&ga_sid=1637295891&ga_hid=844753734&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
35e8d116088a6759d383a2997d73a401fc6ab313eca6999bfcc4a6d805baf133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13443
x-xss-protection
0
google-lineitem-id
5410249604
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138315487331
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e0ab5ebbb37c1d093bdd9d464d1c135.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2356
6 KB
3 KB
Document
General
Full URL
https://8e0ab5ebbb37c1d093bdd9d464d1c135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 017F
57 KB
22 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
977f35f75dfb224977b278c01ff5bd8fb73f53fcaec7480681eb779e34177f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22094
x-xss-protection
0
server
cafe
etag
9350601024229784641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:21:47 GMT
integrator.js
adservice.google.de/adsid/ Frame 017F
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 017F
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hilight.kapook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 017F
16 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3647816196294294&correlator=104842250089046&output=ldjh&impl=fif&eid=31063798%2C31061691%2C31061692%2C31062930&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211119&iu_parts=16357739%2CHilight_news_300_2_PC&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x250%7C336x280&prev_scp=passback%3Dmagnite&cookie=ID%3D404367f25c1adfed-22427affdbcb007e%3AT%3D1637295889%3AS%3DALNI_MbUNE4801XC0LF3pZSE77SKMjphUQ&cdm=hilight.kapook.com&bc=31&abxe=1&lmt=1637295890&dt=1637295890926&dlt=1637295890461&idt=411&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1069&adys=1000&adks=999895451&ucis=sp7oyewizr0v&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&top=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&rumc=3647816196294294&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=628602502.1637295889&ga_sid=1637295891&ga_hid=214168669&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8314f0c861f269e2e5291161165b859d86b07cde4f207c8670836454ef721494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9095
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 36EC
6 KB
3 KB
Document
General
Full URL
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 947B
4 KB
730 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 04:05:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Nov 2021 04:24:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Nov 2021 04:24:51 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1060
1 KB
960 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:19:32 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1060
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 03:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1509
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 03:59:41 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1060
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:16:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1060
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1060
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:22:15 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 1060
27 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 11:25:57 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 947B
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8141
x-xss-protection
0
server
cafe
etag
15959965552278146708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:22:18 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 947B
205 B
520 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 03:18:30 GMT
x-content-type-options
nosniff
age
176780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 17 Nov 2022 03:18:30 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 947B
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com
URL: https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://88bd6a0acc969bbd15e7cdabcd9524a3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 14:21:19 GMT
x-content-type-options
nosniff
age
223411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 16 Nov 2022 14:21:19 GMT
tap.php
pixel.rubiconproject.com/ Frame D2E0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZcnEgAFnq6JKABR
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZcnEgAFnq6JKABR
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637295891.981065,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZcnEgAFnq6JKABR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame D2E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9A15iAdT6halFnIlMGvNA&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9A15iAdT6halFnIlMGvNA&google_cver=1
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9A15iAdT6halFnIlMGvNA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame D2E0
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

rubicon
match.adsrvr.org/track/cmf/ Frame D2E0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame D2E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW5VP6KR-J-E67I&sigv=1&esig=2~1cdc680ad2292178a5fca57fa02e34b65576ca4b
0
445 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW5VP6KR-J-E67I&sigv=1&esig=2~1cdc680ad2292178a5fca57fa02e34b65576ca4b
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KW5VP6KR-J-E67I&sigv=1&esig=2~1cdc680ad2292178a5fca57fa02e34b65576ca4b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DxrlCbrLa8qKQ8CQBXWf-w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8109887745374731003
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8109887745374731003
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

date
Fri, 19 Nov 2021 04:24:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8109887745374731003
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c1VlA2S1ItSi1FNjdJ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c1VlA2S1ItSi1FNjdJ
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c1VlA2S1ItSi1FNjdJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D2E0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=72346197-2712-4b00-98b9-5c699e4a7ee9&expires=28
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=72346197-2712-4b00-98b9-5c699e4a7ee9&expires=28
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

Date
Fri, 19 Nov 2021 04:24:50 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=72346197-2712-4b00-98b9-5c699e4a7ee9&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Nov 2021 04:24:49 GMT
csi
csi.gstatic.com/ Frame C369
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kw5vp612&c=519308075864&slotId=259654037932&fb=ima_html5-lima&sdkv=h.3.489.0&ppt=Blue%20Billywig%20Player&ppv=6.x&mrd=9&aab=1&itv=1&met.4=err.kw5vp6kf&aec=901
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
399296.js
a.th.giraff.io/data/
2 KB
2 KB
Script
General
Full URL
https://a.th.giraff.io/data/399296.js?json=1&async=1&cs=utf-8&rand=0.8880995546392005&num=2&as=&nodupes=1&callback=callback8320386310422054
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
43f52a5e6e725ca87b9453e061f3564454d1da9d6b632431eb66896d2a7d4539

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
view
securepubads.g.doubleclick.net/pcs/ Frame 6B9D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfmDc-7nyLHD7vpPZDsvZu-QnJjOUJ13rsTizhJCA4azzhyKWfJRoa6B3gpZ2roqS4kZkZY_wvSpzk5mAxZlD4ARx_apST14n54vv5-BEIRzTFQ0B8fRLeyhyZ7RL8Tx0WfuD5mnSHFozs9aR8EEAmzwdm38XOs6ZKFxJKNE0WoJpRy6NgUcIG5mmXU3KUUo_W5oLucuI4pY9LqmsRmfJ5IAchPhsB4MGo37IULTAmcFI0X4UCrgnME4Gm6DZb8uYnTSqx0V4GmhxQVzDf67BYe9_KkYDXsPzs1WKMbnPdtGxX9ZlKF05Nb3lqFgYXwJNAreQDYQhrYg5roPvsb6piF8rV_6oD-zc&sai=AMfl-YTE3ZHaoV62XyHwjeqz6h07cpcFSX-HpZ5QKberLNXNQGds996yKde35w7J7RRi7C7l20rC4_xEDuxDHHWKoAJ7mnN_FOs296amXcx8kLHAfUyyv5ilbsJKQCw1dnU&sig=Cg0ArKJSzPBnaLpuHVJ0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B9D
12 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65febccb1cfc56bd6a3cc5fa437eb899e774d6415a2165ba2f4edf3195082813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9336
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5C43
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6lWP7CYAIZqtIgK9R2Ykv-cecxNTl-iVf1vNJ9lflUX9hrDp2IBoDsmGB9F0mm4XqJuFYjphoegos5B2GUpcla6N-XpafDLdl32Agc83bd7vrltiQ3m-zNmr_wgF_WxvYDCH6jljdtV-SFXsJd_RMivI078lkNJeeYsdhtfbi7VG82wXrLuEo3-2nbKgTKuxYq_lFkmeroBtQiy69uW2NIgmu0b046KaD5IRBqOApKmTNClukzPRrkbzfui1aDvNtR-ItsOzGKPTyBiWIg-DlRRkvNe_qQwUSM6NtRePhHHZsWajOCsRAkLJ-x04V5xPCN5cEYEY&sai=AMfl-YRfRjYQspFY3m5exNfGY7ZxKkTHTB4xnpfEAM6dD65glqgs7of_c5SF-KGG8_22XABBIJJP8ZzkB111UgZOmnpXVtV8Er8clf9ZmBFEl4CwTFmaf4dvDs69qKXfVoI&sig=Cg0ArKJSzHwoU18YDnO6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5C43
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c3d6d47481598c6001fc73ad888736c907cdb8e5e2ffb2e8ebb9f0610e1c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9258
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0844
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqoFi8d20cG5U7QDpW4d-6pURArtxC4ZrKF3v6qyggzJJLeqyNDg71bpugVs9C_UA8PV39XqFKFVVlQaKWBZVcht0Hpas91keLSy3CjDGG6oOs-8-GbpXwm8tutwatIaQerORiMvu48L8I6GE4Edx-UQOSDvlQoKGg6NRX-1UOeVjCVVpPox_cCKr-6-mheMxZjTbC4In9-yTkMjxz2odSvTcLRxpSHaLzpbtuVHNgJhQ9m0akyly5Xa3Pv68_X2xhxGVnteOm1pt1E93PJSLA4GCqH9y1fP22yQyjw3qX7bhcnsrz-Vo0PQRRwUskcUFOadVcHg&sai=AMfl-YTYeQDlg6erip2hZQTOs_Rfn0zZOJ_ChtI8rPWJzL99uNxG211bMVj-wvW8W322vG_P3IjD0G7hR_1r4_GO_Mt2AXIQcpJhwC05Lwugpr0oxERJE4hz9nfWSIVLBf0&sig=Cg0ArKJSzIDyiS8TyMOoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0844
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bacf58b209770d37b89b09e4710b8e560266636d2d4c9a8451fbfa848d807fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9186
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6C51
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWcv_TvJLNiCKt3eSx_TI_3GioUc3FLlGDVvmVug67gsBAMyOv2oSvPKgomGm9Fm1tn2YJZgyCpUfMK5YfCqXhUNByFnfSvr7LBSF-or-QCQ4u4Rtzn1VRE4WRFOvpfkH8szuWXfRF_JUHcmzbnvlMT60dZjvwuTQULS-fUZMFfKm6s4KeliXJw7jE23nJLR4pAbi69X8zxJqwwzgGJ8YiSItSKY0PqER6ualjvDUx_YDC9KqfpcgxXV3I-oq_FJT-M6sSFhlLxxinKUDZOuUPz3_f_qs7ydih6smQmWOcHYsC2z6LLmCpPo-qyEtRig&sig=Cg0ArKJSzI6ybpTZgskpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame 6C51
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:39:51 GMT
728x90.js
i.kapook.com/gorralit/kapookmarket1/728x90/ Frame 6C51
25 KB
26 KB
Script
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/728x90.js?1593426663539
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
5c3cce8b8b874c74b9689d26608f7ca173bbf1982a809be6ee9670ebb9c38824
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Mon, 29 Jun 2020 12:11:54 GMT
etag
"5ef9da8a-658c"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
25996
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C51
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:51 GMT
container.html
b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34F9
6 KB
3 KB
Document
General
Full URL
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B9D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5C43
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0844
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:51 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 34F9
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com
URL: https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 18:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Nov 2022 18:51:14 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 34F9
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com
URL: https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:39:51 GMT
970x250.js
i.kapook.com/gorralit/kapookmarket1/970x250/ Frame 34F9
22 KB
22 KB
Script
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/970x250.js?1593422211847
Requested by
Host: b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com
URL: https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
288f6e8c235a885732fe11fbb164377baa2a8571f7bb7d589cd575e1e1873031
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Mon, 29 Jun 2020 12:01:38 GMT
etag
"5ef9d822-573b"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
22331
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 34F9
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com
URL: https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 34F9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNH67dsAG3OLdEHyQdLXFkwqT5gPDfsmGOPYL0SHN78jWNOJz261rV4zMFkyENNFgF9uL_2KwZAJZk8E3XN9aNqRE86TGyvPg7Iu62U51Vd0qgP6fFTZvx6-46T5qwZlQBflI2fiT8KoCxfg7v68_jJUsBkSeb7PqY6GFnLr8YvvUyivrN3DBE09vSkW0uzbqSSNDH-jUjoeaZfGlcd61Z27sqL01UZr5uoe7fbhdfT05gk1BB_S0LY5gfc0gFJ8aWFAlgHHcb8NB-POBWIEys6zCoNVZ_4w-ufIlRbs5Y1ybtQPvqOE4wnRSSh9tyiMo&sig=Cg0ArKJSzNGxF18imyOBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com
URL: https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 558F
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 21:31:05 GMT
expires
Fri, 18 Nov 2022 21:31:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1F82
783 B
970 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bbaa45ca63d2a369ce0752b1606cf67de2d689b320f1111277ed9ce97f29aeac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sZkO/4r6F1CGhj7JMCJtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 04:24:51 GMT
date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sZkO/4r6F1CGhj7JMCJtIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A4A2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 21:31:05 GMT
expires
Fri, 18 Nov 2022 21:31:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 921B
783 B
743 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d26533b4db9d039646b9f6fca8708bf3fe96e18eb851e38da43aa1a579145b4e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sRJLXNkuCx6bwDRW8T31yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 04:24:51 GMT
date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sRJLXNkuCx6bwDRW8T31yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C707
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 21:31:05 GMT
expires
Fri, 18 Nov 2022 21:31:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8089
783 B
739 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a36e915e6d259a73087a05d749dcbc1a7333c391af215218e87278f50ae45e2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QxKO4PyPF+SQMrPcp82qmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 04:24:51 GMT
date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QxKO4PyPF+SQMrPcp82qmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5AB
6 KB
3 KB
Document
General
Full URL
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 19 Nov 2021 04:24:50 GMT
expires
Sat, 19 Nov 2022 04:24:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F82
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=2738726165626683&rc=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 921B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=2584317764332855&rc=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 8089
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=3676277363720707&rc=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 558F
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame A4A2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame C707
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E1A
624 B
468 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhjJsYW4ATAB&v=APEucNWYHWgqmP-akp8xVj-eIcof_w7SGq54D58zqxP7H-cgz3WVFOYH8yGkH2fZ3ib1vXs344AlCS5PHLka3zbEnSstkaqak7LMUJtcomENg8Zj0ZmxSE53EjpX35hcB2tZ4WG5IYSYJEsshhjXkdjJOYRHibppdBpFdjNqIA0FRrUh2J9PUMc
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Nov 2021 04:24:51 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Nov 2021 04:24:51 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D5AB
73 KB
31 KB
Script
General
Full URL
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3b8e2eae4eb8f3e1b4132f8f7bac7c2aa5582b5d9a41d85983e960a0bc382926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5AB
42 B
286 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1znhqM4SHtQhO_XM-q20qgwGZmA1bGqTYVBXq5EzOcrYrpbwoddnsB1yoRC29fvFxQ82QuyD6cYgyc24gMCS367idAJpLnho23ECte6vkuIhMX2A
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D5AB
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:16:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5AB
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D5AB
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:22:15 GMT
l
www.google.com/ads/measurement/ Frame D5AB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGlNtQvWIZfgHGAuM_p3G3Z6bdSFJlbUblqozGD2U8YTdOAC9axjXcYQS1ftuc3LAcXaHl5FdaQCtI_hkCTBqrWl01zA
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 1218
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuemf9FjvqrAARuxcyLaBk5Q-6zf7htxSdR4H6tTL4l4n78n_q1bqtPDbHqr40hymTL64MnPsiM44Sd1VpzY__cisr-lqhlC0AOH587kH7NrO_yeSW-Xd7WQVSK5_XXl_1atwkg117BFMwqR2_Q0dZ528_sf9jAQV_aVcP1N8b-0QTGbEiGCyTUQC3VMpBLrbBt2BiS55ppkd01_XF5ieeNRmvPg7vifHfNyE5rfeEJjpmhL2Gvvt-502jgwzZXkVkLRStXvzcCkGY40VyMAx6nJPfZTeZwQr3FFMMe15v0fhiD6jf-rs-P-apFugwOBb_q8jfFBLl0o2jwaA_MG-pjm88&sig=Cg0ArKJSzFjMvRpDq5ImEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs.min.js
code.createjs.com/1.0.0/ Frame 1218
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:39:51 GMT
300x250.js
i.kapook.com/gorralit/kapookmarket1/300x250/ Frame 1218
25 KB
26 KB
Script
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/300x250/300x250.js?1593430650619
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d094b1b98f3193b96465288be265ab2825b25a2fb049dec8d7967b308e6f0510
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Mon, 29 Jun 2020 12:17:35 GMT
etag
"5ef9dbdf-65d2"
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26066
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1218
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 Nov 2021 04:24:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1&C=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhjJsYW4ATAB&v=APEucNWYHWgqmP-akp8xVj-eIcof_w7SGq54D58zqxP7H-cgz3WVFOYH8yGkH2fZ3ib1vXs344AlCS5PHLka3zbEnSstkaqak7LMUJtcomENg8Zj0ZmxSE53EjpX35hcB2tZ4WG5IYSYJEsshhjXkdjJOYRHibppdBpFdjNqIA0FRrUh2J9PUMc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 04:24:51 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 19 Nov 2021 04:24:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E1A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZcnE94H3Za5DeInNSGw3gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhjJsYW4ATAB&v=APEucNWYHWgqmP-akp8xVj-eIcof_w7SGq54D58zqxP7H-cgz3WVFOYH8yGkH2fZ3ib1vXs344AlCS5PHLka3zbEnSstkaqak7LMUJtcomENg8Zj0ZmxSE53EjpX35hcB2tZ4WG5IYSYJEsshhjXkdjJOYRHibppdBpFdjNqIA0FRrUh2J9PUMc
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Nov 2021 04:24:51 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDkdJAfBolp2M5i_g4RMBUE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3E1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHmdE0BfzW_e3olcoS71UDU&google_cver=1
43 B
1004 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHmdE0BfzW_e3olcoS71UDU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhjJsYW4ATAB&v=APEucNWYHWgqmP-akp8xVj-eIcof_w7SGq54D58zqxP7H-cgz3WVFOYH8yGkH2fZ3ib1vXs344AlCS5PHLka3zbEnSstkaqak7LMUJtcomENg8Zj0ZmxSE53EjpX35hcB2tZ4WG5IYSYJEsshhjXkdjJOYRHibppdBpFdjNqIA0FRrUh2J9PUMc
Protocol
HTTP/1.1
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:51 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
208a020d-416d-4277-9cd6-06834495160d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHmdE0BfzW_e3olcoS71UDU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3E1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyMDEwNzk0NzUyMTk5NDY4MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyMDEwNzk0NzUyMTk5NDY4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhjJsYW4ATAB&v=APEucNWYHWgqmP-akp8xVj-eIcof_w7SGq54D58zqxP7H-cgz3WVFOYH8yGkH2fZ3ib1vXs344AlCS5PHLka3zbEnSstkaqak7LMUJtcomENg8Zj0ZmxSE53EjpX35hcB2tZ4WG5IYSYJEsshhjXkdjJOYRHibppdBpFdjNqIA0FRrUh2J9PUMc
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Nov 2021 04:24:51 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d1ccc7f5-fe4b-4e04-93fa-3cbfe205ff85
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQyMDEwNzk0NzUyMTk5NDY4MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D5AB
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
Origin
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 11:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 11:03:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame D5AB
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:00:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D5AB
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 04:02:57 GMT
621.json
id5-sync.com/g/v2/
213 B
536 B
XHR
General
Full URL
https://id5-sync.com/g/v2/621.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
p12.id5-sync.com
Software
/
Resource Hash
a64e146a49f7a281c1f34f88d5662ecba88fe33b77ad0cc8a161ab98e9a3a9b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://hilight.kapook.com
Date
Fri, 19 Nov 2021 04:24:42 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
44 B
330 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/
63 B
339 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c4213c3fa4712b44d6dd366ee17ec80cd0d4d14daf33166d9e790da37e868f86

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache
x-server
10.45.28.71
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/
108 B
677 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
11d086123159647087409219dd2c223f05a740330e755c3eee4a20bbcdbfea19

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 19 Dec 2021 04:24:51 GMT
399297.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399297.js?json=1&async=1&cs=utf-8&rand=0.6043748079684319&num=1&as=2224265&callback=callback6054334745822045
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
73e474a6433fb8cdacf6bee70c71b865f083fae737a0fa68522594bd831fbe4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2074256.jpg
cdn.th.giraff.io/cdn/images/380x200/56/
19 KB
19 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/56/2074256.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb82514134b5fdb33ccd125c6de3ce797d2563c8d1640f339e5123f084279287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cf-cache-status
HIT
age
93206
cf-polished
degrade=85, origSize=42355, status=webp_bigger
access-control-max-age
1728000
content-length
19372
last-modified
Thu, 18 Nov 2021 02:31:07 GMT
server
cloudflare
etag
"6195baeb-a573"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 18 Dec 2021 02:31:25 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abd9382b05d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2016469.jpg
cdn.th.giraff.io/cdn/images/380x200/69/
15 KB
15 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/69/2016469.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c98371198ed64eaae5dcfb6c384bc6a57aa83c7c15a4177b49c8c19d508501

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cf-cache-status
HIT
age
156032
cf-polished
qual=85, origFmt=jpeg, origSize=40145
access-control-max-age
1728000
content-disposition
inline; filename="2016469.webp"
content-length
15024
last-modified
Wed, 03 Nov 2021 12:24:28 GMT
server
cloudflare
etag
"61827f7c-9cd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 17 Dec 2021 09:04:18 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abd9382c05d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
2074257.jpg
cdn.th.giraff.io/cdn/images/380x200/57/
12 KB
12 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/57/2074257.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73b1025d0d708e80c7d3c65161f97ce64b667afc92d6484598eb88d1d4b9454

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cf-cache-status
HIT
age
93207
cf-polished
qual=85, origFmt=jpeg, origSize=27702
access-control-max-age
1728000
content-disposition
inline; filename="2074257.webp"
content-length
11898
last-modified
Thu, 18 Nov 2021 02:31:07 GMT
server
cloudflare
etag
"6195baeb-6c36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 18 Dec 2021 02:31:24 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abd9382d05d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
logo.svg
code.th.giraff.io/data/
12 KB
3 KB
Image
General
Full URL
https://code.th.giraff.io/data/logo.svg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd396cba7949e705825c1cfc7f12946cce49176ee3d7da4ca179aa864674674d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Oct 2021 08:35:10 GMT
server
cloudflare
age
59
etag
W/"6177bdbe-30d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
6b06abd8fff34e67-FRA
expires
Fri, 19 Nov 2021 04:24:52 GMT
index.html
s0.2mdn.net/10350127/1634641790433/ Frame 5A3C
70 KB
19 KB
Document
General
Full URL
https://s0.2mdn.net/10350127/1634641790433/index.html?e=69&leftOffset=0&topOffset=0&c=A8CWq1rKuu&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6326eb339107d496ca5463a643a811b068758adac7d4b0f0f4e0b2f61fde72d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
19126
date
Fri, 19 Nov 2021 04:24:51 GMT
expires
Sat, 20 Nov 2021 04:24:51 GMT
cache-control
public, max-age=86400
last-modified
Tue, 19 Oct 2021 11:09:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D5AB
0
571 B
Ping
General
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 19 Nov 2021 04:24:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D5AB
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 17 Nov 2022 15:31:47 GMT
truncated
/ Frame D5AB
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0aca7971caf502dbd0e4d8093c8c9367b9a986dac102d0ddb223d18d2e68ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 5A3C
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10350127/1634641790433/index.html?e=69&leftOffset=0&topOffset=0&c=A8CWq1rKuu&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10350127/1634641790433/index.html?e=69&leftOffset=0&topOffset=0&c=A8CWq1rKuu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 15:50:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 859C
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 17 Nov 2021 15:43:53 GMT
expires
Thu, 17 Nov 2022 15:43:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
132058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame D5AB
0
23 B
Ping
General
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 017F
0
0
Fetch
General
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 017F
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd09cf357b25450e280234252a2a7f8b1e8f729ee4e4d99e2c061d49e7475bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9223
x-xss-protection
0
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 859C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 21:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
25040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 21:27:31 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame D5AB
57 KB
22 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com
URL: https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
977f35f75dfb224977b278c01ff5bd8fb73f53fcaec7480681eb779e34177f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22094
x-xss-protection
0
server
cafe
etag
9350601024229784641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:21:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 017F
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=hilight.kapook.com&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=1&aa_c=0&av_h=250&av_w=300&av_a=75000&b=0&all_b=0&d=1&all_d=1&ard=1&all_ard=1&dt=d
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C43
0
56 B
Image
General
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 5A3C
57 KB
22 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
977f35f75dfb224977b278c01ff5bd8fb73f53fcaec7480681eb779e34177f23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22094
x-xss-protection
0
server
cafe
etag
9350601024229784641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 05:21:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5A3C
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49345f0372a5f2c59f8c830e15671d838ccaff58c5138f65fd3367c89c92f229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5185
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 017F
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B9D
0
56 B
Image
General
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prod_studio_01_247_videomodule.js
s0.2mdn.net/879366/ Frame 5A3C
13 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10350127/1634641790433/index.html?e=69&leftOffset=0&topOffset=0&c=A8CWq1rKuu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 20:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29985
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5003
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 20:05:06 GMT
399299.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399299.js?json=1&async=1&cs=utf-8&rand=0.37044783178480634&num=1&as=2273322%3A2273323&nodupes=1&callback=callback7834295983569735
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
b18f0ae7e6dbf30d1e2717c998d8a90739617424335e570467cfbff24c369fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0844
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=3676277363720707&bg=!REelRwPNAAZQLpa_UC47ACkAdvg8WuL-wTX2Rxi2H8swMIox3MxFhT9pa167W53nCtYcXYqbm5VwpAIAAAFfUgAAABloAQcKAIsvtH5MuhP3OzhrXDaNiiC2SGjTw2pvIPBBLIGmp6-q_WnjemiCxXHuucGrHStvN9HNeb_FAt7ZZuGFGkHfBqUFkoC84cPb20LuvVnw2yDA99mVxQbVsh_o5M1XI14Yf7CpxMQAyWYet99gl2ZaiC65e9GxfX9hjU-cGG-M-Ys_o2Lf6jHPbBSI32KLmQLPOSE9LKWewP8FdY7j_AzOz-egp-u6C0-WMBA0N0AcDVf5p4kOA7YP_W5jyawnBc93fjNRLin5Kx9bl_Z_N39YpAHzBFsuzRPqQfEuhxwj3RiXHpWP2ZfRz6voq0B07HPceXYe8PQmBUWcHNxK23UqM5qbnsPTXz6zHE1V2rue7CAuaVWsizohu9Ts7F0iQMRIxKx-nS8FLefhiu-lyaeVgJoIgBX42szlXfEwH4nNaFO36j7_q0IwAxAE8h1lavyLTGzyyZsMww83fdJDtfI9kifafeZIQ984ZoBRE0-cbJajXoEJz1w7AxUpysTKxwNCXnTjWYzRiINC7qCFGbW5J0A-89EtqwNA7ObvvkZf9uoB3xkhm8kfbm60WgEk_JsMlMDwyD8iHuDFb4_wHhOZUCsscuRanrVd-XTEIqgy2_7XteVHfFlMn3lCQ_v3-KnqffJBPk9ChVVSRD_t0Pzj7BKP6Cz9I7g6oYmxtmmz6bciye-A5vVfca_lWLRDBCniiJmBNiS3YY21lZru35HwgPylI73sW9wfk4Lk4Grl4qLprkq3r_9WcfuWYkZV1YkeDW9SwVts4imNf0eRHs-poDaYp6vvZasyydz-VwATxtuzHvZU_OsSPQHH5Eda_u7I37GxewC62C7_Vlu1LgkD2dnQ6NihlGqOfj5s1j6VUQN6D7JkynwKxe3gzX9T3ooeYS521DTY0nY7VSTSEWRJLAn2Mav5uo_AgMcFPpnZEU-v9k7J7Z7kFIOLClMfMjuXANwqP8nf_dn1ZUrF-_iaVJ137PeUDokPIXH-MO-3rw7o471Irvya21Qo7Tebwaxf9nLKhZ1AQj7kqbEVtBkXkNBmMeDYJo0xFt39x38JiZJhJOE1qyKmho1bpY8N4tofmdTNqQgVsgBKZXTG81jKfrJTHqgoQ3ruQbyntVhxrTmpdz0TXBq-S3IgVJQX-5c
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5A3C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:51 GMT
file.webm
r4---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 5A3C
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r4---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/acao,ctier,expire,id,ip,ipbits,it...
209 KB
209 KB
Media
General
Full URL
https://r4---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05408C22614F3502D9639F4F47C6C1BA24492965.257501AF7D72182711A7AD1CEC44DC2E3AEB9700/key/cms1/cms_redirect/yes/mh/rZ/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1637294885/mv/u/mvi/4/pl/48/file/file.webm
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
HTTP/1.1
Server
2a00:1450:4001:64::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
47cc326b95131fe5a4aa3bbcaa62900bd9d8a8558f5e47e9f6ffa9b4738055d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 19 Nov 2021 04:24:51 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Oct 2021 11:09:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Content-Range
bytes 0-213544/213545
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
213545
Expires
Fri, 19 Nov 2021 04:24:51 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/ddf4a1e1fec7faff/itag/43/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3779089797/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/05408C22614F3502D9639F4F47C6C1BA24492965.257501AF7D72182711A7AD1CEC44DC2E3AEB9700/key/cms1/cms_redirect/yes/mh/rZ/mip/2a0f:9441:5:0:e5::1/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1637294885/mv/u/mvi/4/pl/48/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame D5AB
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kw5vp7fl&chm=1&c=3647816196294294&ctx=2&qqid=CLPL5L_Ko_QCFfHluwgd2xoMhg&met.4=fb.k~lb.82~ol.cj~idt.5d~dt.-62&met.3=735.8o~740.94~374.at~734.br~113.ey_3~112.ex_3~734.f1&met.1=1.kw5vp70o~6.0~7.0~8.0~9.0~10.0~12.2~13.8~14.9~15.c~16.82~17.82~18.82~19.cj~20.cj~21.cj~22.8c~23.8c&met.7=CBsQCBgBMAk4wwNoAnAIeNAagAGkGIgBzi-wAQG4AQM~CCgQBRgBIBUoFTAnOBJoFnAmeMAEgAGUAogB8ASwAQG4AQM~CCgQChgBIBYoFjBAOCpoF3A-eJ73AYAB8vQBiAHdyASwAQG4AQM~CBwQBhgBIBcoFzAzOB1oGHAzeNYCgAEqiAEqsAEBuAED~CB4QChgBIBcoFzAfOAhoGHAfeOAMgAG0CogBnhOwAQG4AQM~CCoQChgBIBcoFzA9OCY~CBwQChgBIBcoFzAgOAloGXAfeLs0gAGPMogBl3SwAQG4AQM~CBsQBhgBIBcoFzAnOBA~CCkQChgBIJQBKJQBMLoBOCZAlAFIlAFQlAFYpwFgmQFopwFwrgF4udgDgAGN1gOIAY_GCrABAbgBAw~CBwQChgBIJUBKJUBMJsBOAdolQFwmwF48BqAAcQYiAHrPrABAbgBAw~CAkQChgBIJcBKJcBMJ0BOAdolwFwnQF4r0yAAYNKiAHuvQGwAQG4AQM~CCkQBRgBIOcBKOcBMPgBOBE~CCIQARgBIOsBKOsBMMICOFhA6wFI-gFQ-gFYjgJg_wFojwJwwgJ4rAKwAQG4AQM~CCcQChgBIJUCKJUCMJ4COAholgJwnAJ4k3mAAed2iAGKxQKwAQG4AQM~CCcQBRgBIN8CKN8CMOcCOAho4AJw5gJ490OAActBiAHqsgGwAQG4AQM~CCIQARgBIJkDKJkDMNQDODpQmgNYqANgmgNoqANw0wN4rAKwAQG4AQM~CCgQChgBIMsDKMsDMNIDOAhoywNw0gN4-q4BgAHOrAGIAb3FA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CB1B
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 21:31:05 GMT
expires
Fri, 18 Nov 2022 21:31:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 469B
783 B
738 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
890811f2dee35e6df6581edb88d87d010cc01b38f218e6d5e1a65cccec00693e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JRqAEl5nYH2rwihBiLx7Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 04:24:51 GMT
date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JRqAEl5nYH2rwihBiLx7Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 5A3C
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kw5vp7g4&c=3647816196294294&ctx=3&qqid=CLPL5L_Ko_QCFfHluwgd2xoMhg&met.9=11.kw5vp7by~12.kw5vp7ex&met.3=113.91~112.91
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 76C6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 469B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3647816196294294&rc=
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame CB1B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
dc_oe=ChMImdbxv8qj9AIVeeYRCB0t9AjXEAAYACDCkJlMQhMIs8vkv8qj9AIV8eW7CB3bGgyG;met=1;&timestamp=1637295891876;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame D5AB
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImdbxv8qj9AIVeeYRCB0t9AjXEAAYACDCkJlMQhMIs8vkv8qj9AIV8eW7CB3bGgyG;met=1;&timestamp=1637295891876;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 859C
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs4KKEyeXYdmAC_nMx_APreijuA0AAAAAOAHgBAI&bg=!HxylHFjNAAZQLpa_UC47ACkAdvg8Wplw3F93wwhNw9_VbjySdZaqkvTq2U46n1D0Wl8udi72iRetHQIAAACKUgAAACVoAQcKAAoSWilKoMe6X521mQMLp4NTV_Y9czabiQef836BCtHCxpVxjNdNR9HRe6aoICueuNlk1n5_5foE3L9qemMJ6EbLf0T_wp6jmhG9P5IyOz7pwbq-hzDnEM5K8-GPEDneGdlNIBFvJt6nLoOcft2qA7heyPKbbhtxIWRUjCO3I8cv1WVJF-LBjSg4nc65IrQw85CO7g5coe6qTYtfqdzSU46F7vqwOAutrHvGoEUNKvpocIYBbX34X7vgJRdrtPMKTYUEbbzgX39m-_MhbwjGC3MRkxrZ_zrZ3U5HJF9k7IfnAu2Dt2PWEujhvoD2N4h7O48eg-WtOJW0mQ1O982LT4cM8Fto7ASKIENVMV-XytJG5B5SwJvHoSKERfGgi1hrEETmVZ1N0-k0V-DQ9Iez2Ye6H6mHg5alG2Llcb815L0Nv_VqUrq-NdT0HhW-LUD1vNRUe-gjXzCeEyTXo0teA9G4YbVI0Dm_bopqDZGVBWx953Of71qbzudJVDFH1EjlleVVqEMIzFUmglQCeJnSZeMpoGBKTEMoVRT1wMapxoCofH1JeX0eNs0tVCD7ay9BxQpaRiyK5kmJhZHtCs_mTOjUCkdrJP1SV8AexFwt6wlLajnhu7DXomdkuVM07RWEe43nAx0GQTDXvnWfsZwE15ii1BBv5TI6M5BPv9Wby7AuIbwFxBLIDxDkvA-RzuYA5nyLyBKKF7qI8tCOT9SlaMC2TPQA6YOVKbGQHpvbaRQefMDsyxM7FFAZkBPnt7UgLiji_szMQ4XZ7NfQD9JvDY1ZQX1QlX_DDcclqFjyRIVnXJ9OH6IYFPRUTn4ycZA6x4oK9NaXVsisAlg84GaDBLmGqvjXxiqUNL-I6884vfxdLCEAcUcNKLCIRLTBjlME0LNp2DdK4ha7zxIV66Oe_2S5jN3gp8P0NwWzHQV8qe8JyCOZYc6gUj8OwGKgEIpoDhJgc46a-_jDDdjT_2kCM-CNudQtVegNx8isupHwiba-DeHsDBwxa2W7zHrQG9ObGVj5vFmk1IJ6HP3DB5PczQvevW4y5prTX5M
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
399300.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399300.js?json=1&async=1&cs=utf-8&rand=0.5949201209835424&num=1&as=2224265%3A2231781&callback=callback9603943445397536
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
5ea9a56c380c2d473a725073c08c19c1f187ebeedee13dbae49bd3adf91ce1e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2025364.jpg
cdn.th.giraff.io/cdn/images/380x200/64/
19 KB
19 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/64/2025364.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0554bac300cb54e43daff0148008e7a6d3f35ec3a0eacae2235bb8da8d1eae57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cf-cache-status
HIT
age
122426
cf-polished
qual=85, origFmt=jpeg, origSize=42183
access-control-max-age
1728000
content-disposition
inline; filename="2025364.webp"
content-length
19080
last-modified
Wed, 03 Nov 2021 12:58:09 GMT
server
cloudflare
etag
"61828761-a4c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 17 Dec 2021 18:24:25 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abdc9ad805d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
gen_204
pagead2.googlesyndication.com/pagead/ Frame 017F
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=3647816196294294&bg=!d3SldDDNAAZQLpa_UC47ACkAdvg8WvdnS9YWZHDdU_UYfh1g-wGxUB7iSmjEtCed-WcwtzeWJKKozwIAAAB2UgAAAAtoAQcKAITSbYlAmklLb9dkRPy9n1H7Zo8Y3-uCVW0RDX9oVudMiA66lFhVmXx0Rdqqq3ezJIvMy6S3CQQw8ShU08cJHjn4DxSICCQZ2ULfaWxIB14dJueCjJDnfvFzHvw1ZpAOkS7h_v0pe2tCaKqEhxep_l9rJT4xl3HBWWroYKBShvZDUwaISwSZAr7-d1Lpe8B3y2dImWzBQfNLe5mDUanMIU0wQ9KU0ETJ5yqT8IvtJBBJhDVxnOe5f2UtDO87VVI_8c_kr_WtbthreaeU63giGktO2zBI9PVTnEUqqSRUlRbI9krcaX-4SuiiPwT7DjwMpgpmL8Ewnefo-lumHQj2htp3tiWw76jCf2zIYZl5TQUv9ojwAsA7TASupSovK1gmspQFJKo5RSNHlFNxYBmilmhuuvft6nZQmNKbeiUvMHiNFsoczKT0CJ6XH8Bdx9KS_H1hCoa45I-ZfzpImBJbyeTUoWhibVOjSlTIOyan-ELaY-OfjJRb9A7VtSlXgsBwNnFA_2fM33sHkGv6WlqXx6p-i1Vx9MW6hL5vtE8hF2nvmcbL-fttKTZjzzWFzPRZmiuboBrTcl5bgk441h08V_ybS8UsMx50YCrWmD1JxkFqjMYwfynb-vc-S0LFfqjo-vuJTzifKg6uUxvRGxz9Cxxo_C5VT16QT8PsNQn-ScEYmSA_LKW4iJe0vTSWrGeECrXdRJMP4lGR5s2XO4JcQKz9EhsKu2OgD3BwYY7YTZvu0jJvHLz_X-43Xiu5qnYPTcONxvpmDCMpKUmMUVd8NSUnxxbyJtp9mAsvoYNn7lF6f7aoW8PGJH4nVkABt-wPRBBhUl2oi-ob7O094JRh6UTVLXpAysH8tn4HEL5cNYEorSZK5YnN4doaLhXpJ0_-9blWgnTQSd77wo0m-k_b3ET0fhQOPK8c0-BR6GnICBgK01fBSQKWYfKefEBcssTjHEifNFOmzQsvDCX-IaZ6LKLu2fMgAoO0txZWdFFZxZWrgcAmv6kp3-N2pOpXHmN03NEhbKE8CHrq7IqvyDUxBd0NUB0Vqy_8eI1qNhsuW4uHrog7tQE2zNlpN614p9WS5b22BG6Vg5AlsquEGI0QP8dAcCVqYAM
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B9D
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8s_HQh8jWGm0tKO1IwJb7wL6bAgA3X0CNkOh0uILrue2YlGbj_tSusbUsSOODveusWpy-huT71DJDvlfWW0fwleFHxgbGs_3lIj_sbN7RUfaBaPOC&sig=Cg0ArKJSzIVwwBKv5vydEAE&id=lidar2&mcvt=1001&p=672,1069,922,1369&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3445020646&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637295890456&rpt=548&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 055B
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C43
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8-ELqEm4JwIQ_Mu6Qi1s_XKWE-5IVMXbpHFkVIB_WaPETUIJ1CKBzPjTl4UXgbp_EkaQPz-BwjS0x_0euITrZG4Uta5sFuZ60NZdoxYAKlYua8bRM&sig=Cg0ArKJSzDrH7w6HxNymEAE&id=lidar2&mcvt=1000&p=390,315,640,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4208516631&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637295890484&rpt=544&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6C51
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a886859a8542583923065d61ca09cce54a7af00f4c1b49708d006ba229e675db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
16 KB
16 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/Bitmap1.png?1593426663506
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6C51
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswvG_A--xRlgX1j9Z_-5QoJsU8dLL5N9-Xwj_BTykROq5dH60vKkrFAxC6OV1OwXZm5XTcuvv0WUDzO45rluTaI3t5vhrl8Bnph6PwJ2kkGAVxwHcXAxEAY35yP3VZm3BnRoaorlQNvIgh3cJFExRI_BQiXlf__EbFshnH9CPIZC4x2DoTNAIBIeaadoh17z2WYimNm4gDzzdnPoixkqvQ37UTA-IITYyL2J_mv2-e_v9s22n3hts9Fje4OdP_j804VRqgADFjdG5L61aqmJWRyBQZkVnRyF5ecYlkkRIiG6HLPloPtqelBxKBK4vX0t7j&sig=Cg0ArKJSzE7A0inbGV9REAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:52 GMT
cookieSync.png
pix.cookiepix.com/ Frame 1218
0
0

truncated
/ Frame 1218
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c29f9560b55e4615fdc859eb101865212086d33cec7375c40cb481a9f0b6e731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
399302.js
a.th.giraff.io/data/
2 KB
2 KB
Script
General
Full URL
https://a.th.giraff.io/data/399302.js?json=1&async=1&cs=utf-8&rand=0.7003916683633604&num=2&as=2273322%3A2273323&nodupes=1&callback=callback8471096800659765
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
8c86fe21a1c37e50fa97e339c3da68f3700a3c4a4eca1bb9663894553afc311d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
truncated
/ Frame 34F9
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c82ee2257b6d288e3c483d50c954092e2dc04586054b9a82d30590113dc41a33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
Bitmap1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
16 KB
16 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/Bitmap1.png?1593422211679
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
f8a17c5abfdfbdcd28cd156dd8842f4b735fcaaf9ecc0c3aadad4bf3052a0bbe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-40fd"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 34F9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMF7xrEoYVcceGaD0GDntuhRgsox3L6Kb3RzMErj-5lEmxl8z-14lCkGwYymtT2ssGgNwD1zj3Xv1XmMYEyjxIBUIqLue4_fXC2nHEBuO0AadNVvdFfVM8w_R4jEx72iQF0bJFzLzCivdwp1CMBnuITrk0k5WXEq19y72oEtBbRDoV3myIcQ-p_SO-KF2bEq3KcSn9ND96XG-LEVtaBdfTalC1YFJb3pkxaO0HGVCcDddFHq53SxKWiUiGn9maVakkcF2ptfjU77T2eWF0edCUeJcSCm24mvIE4zJnHprBwiFwTi7rDYlV02sfMbTGgvLFaQ&sig=Cg0ArKJSzFuHzDDo8mInEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Nov 2021 04:24:52 GMT
button.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
8 KB
8 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/button.png?1593426663506
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D5AB
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwExcLrKluzlR9VWInsXguA5aLlILtryF76cWTvcJahCLt-ERaUVyScHCjUm2p2UQJD9vG8nMntjWZL3MWwC3cXGFygwtwlhLZsRkAbFoxVlueuEtVsQ&sai=AMfl-YSwqJQYF5QMl75h0sj_5KsASInIma61JX5Jpkt1O_HreyI2ClbpEh9JphmmvvUSIfQHLl3l0r4ymMx4VH6jY7yoQm0ECjlf8hbSgVG5RkCa-pqAWvbbMdy31ug&sig=Cg0ArKJSzJYtsPp0ZocnEAE&cid=CAASEuRoHtw0xIK5Wl2kywa_P2dWlw&id=lidar2&mcvt=1000&p=1000,1069,1250,1369&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&app=0&itpl=20&adk=999895451&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637295891144&rpt=287&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eea2f921b27aa65779f73fc733eb3944.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
399303.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399303.js?json=1&async=1&cs=utf-8&rand=0.6920723474313639&num=1&as=2224265%3A2231781%3A2275972&callback=callback6773502626116059
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
816b65eee27886994d29ea2d5e325d5c45ad63ab56893f3b2697232d656242ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
2077354.jpg
cdn.th.giraff.io/cdn/images/380x200/54/
18 KB
19 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/54/2077354.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37edcb6cb01156806a23d0edbd73f045b25c82962b3aa7434675608b49a7e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
cf-cache-status
HIT
age
47983
cf-polished
qual=85, origFmt=jpeg, origSize=43237
access-control-max-age
1728000
content-disposition
inline; filename="2077354.webp"
content-length
18942
last-modified
Thu, 18 Nov 2021 15:05:07 GMT
server
cloudflare
etag
"61966ba3-a8e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 18 Dec 2021 15:05:09 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abdffdd105d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
button.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
8 KB
8 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/button.png?1593422211679
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
9f24677be7eecb840c6f532e665448d433748e43b51cae8649e0d172f7c39ab1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1f17"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
customer.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
10 KB
10 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/customer.png?1593426663506
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 017F
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqC5aJPJQ1iu5yD_eHB_RcurYpS_s2oFC1v1kmJtNzEFz_J6maMPem4T_Pyv7uLAQoe8wd9jly6aYcWf2tXCK4mQ2kedSn_ai8l0amIamxIT29P5Kn&sig=Cg0ArKJSzJeQn3wKaU3gEAE&id=lidar2&mcvt=1000&p=1000,1069,1250,1369&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0.8&app=0&itpl=19&adk=719977154&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637295890461&rpt=1136&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
customer.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
10 KB
10 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/customer.png?1593422211679
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
45c302f6d352a0c4e108a22a3b051ef23a12c77753fbd9d911083d6516ca8777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-26c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
free.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
6 KB
6 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/free.png?1593426663506
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
csi
csi.gstatic.com/ Frame 017F
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kw5vp6wn&c=3647816196294294&e=31063798%2C31061691%2C31061692&ctx=1&met.9=1.8m~2.bf~3_1.d4~7_1.0~4_1.ir~5_1.ix~6_1.vj&met.3=734.eg~112.ey_1~734.hb~734.kw~734.ny~734.rk~734.v1~415.vj~749.vk_2~113.vs_1~740.vt~735.wc_1~734.y2~734.119~734.1f8~734.1ny_1~735.1o4&met.10=1_1.IO0DEAAIABiAmHUoAQ~1_1.ILEFEODUAwj4yQQYgJh1KAE&met.1=1.kw5vp6hp~14.0~15.0~16.0~17.0~18.0~19.0~20.vj~21.vl~22.7k~23.7k&qqid.1=CLPL5L_Ko_QCFfHluwgd2xoMhg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl
t.pubmatic.com/
17 B
184 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=156743
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156743/740/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:52 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
399305.js
a.th.giraff.io/data/
1 KB
1 KB
Script
General
Full URL
https://a.th.giraff.io/data/399305.js?json=1&async=1&cs=utf-8&rand=0.5897701309874284&num=1&as=2273322%3A2273323&nodupes=1&callback=callback26162101009417094
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
02b27e01a720958f9a5a58029e4f91667596b74091eaf45cec1e29e49b1f4714

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
free.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
6 KB
6 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/free.png?1593422211679
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
763e533aa665d792df68fd2916b5d2da704f3122c1a0284aa7bfe84674a4e4f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1815"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
18 KB
18 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m1.png?1593426663506
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:52 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:52 GMT
2025450.jpg
cdn.th.giraff.io/cdn/images/380x200/50/
10 KB
11 KB
Image
General
Full URL
https://cdn.th.giraff.io/cdn/images/380x200/50/2025450.jpg
Requested by
Host: hilight.kapook.com
URL: https://hilight.kapook.com/view/218540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9c986594c22dc2c2be7649ca556ed8bf832cc2f16c6e85f160e23e8faae3c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
cf-cache-status
HIT
age
1161635
cf-polished
qual=85, origFmt=jpeg, origSize=25658
access-control-max-age
1728000
content-disposition
inline; filename="2025450.webp"
content-length
10694
last-modified
Wed, 03 Nov 2021 13:17:50 GMT
server
cloudflare
etag
"61828bfe-643a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 05 Dec 2021 17:44:18 GMT
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6b06abe358ee05d4-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:85,h2pri
v2_kapookcom
data.th.giraff.io/hit/
0
279 B
XHR
General
Full URL
https://data.th.giraff.io/hit/v2_kapookcom?u=https%3A%2F%2Fhilight.kapook.com%2Fview%2F218540&tag=pv_rv&tag=pv_ae&tag=ws_rv_1&tag=ws_ae_1&tag=ws_rv_2&tag=ws_ae_2&tag=ws_rv_3&tag=ws_ae_3&tag=ws_ae_4&tag=ws_rv_4&ht=3746&rand=0.9005163376479817
Requested by
Host: code.th.giraff.io
URL: https://code.th.giraff.io/data/widget-v2_kapookcom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
43.134.100.94 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://hilight.kapook.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
fontface.css
my.kapook.com/fonts/kittithada_roman/
387 B
586 B
Stylesheet
General
Full URL
https://my.kapook.com/fonts/kittithada_roman/fontface.css
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
df20478b52dea69126952f75750fc87b3ad848d9c563fe529028d260b64529e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Thu, 24 Jan 2019 03:24:26 GMT
etag
W/"5c492fea-183"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
access-control-allow-headers
X-Requested-With,Accept,Content-Type, Origin
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
icon
fonts.googleapis.com/
569 B
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: my.kapook.com
URL: https://my.kapook.com/jquery/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 04:24:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 19 Nov 2021 04:24:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Nov 2021 04:24:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38512731225eb1219cc32cfff4b38ddaaa928e0b6bc941a850844855f7a121e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9320
x-xss-protection
0
popular-query
connect.thelead.tech/personalize/
1 KB
2 KB
XHR
General
Full URL
https://connect.thelead.tech/personalize/popular-query
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
fd3a0bf7ed34315fdc207115b1ed33cf1147c295cef7b00f4ee06df3d2982e9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 04:24:53 GMT
vary
Origin
content-length
1476
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 19 Nov 2021 04:24:53 GMT
m1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
18 KB
18 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m1.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
b6f1992739740770e2126734354268f7fce885af79099569b8167f94736f507c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-4630"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
m2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
1 KB
1 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m2.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 51EA
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 18 Nov 2021 21:31:05 GMT
expires
Fri, 18 Nov 2022 21:31:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E14B
783 B
762 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
841c90705d0e98b0c909a7439a47ef7114470c3f5b1f07ae3cdf3586f33ec1b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hDNA2/5RuIz05stPi0gCjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 19 Nov 2021 04:24:53 GMT
date
Fri, 19 Nov 2021 04:24:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hDNA2/5RuIz05stPi0gCjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
pagead2.googlesyndication.com/bg/ Frame 51EA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 20:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
201482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13508
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 20:26:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E14B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111501&jk=2353647329389365&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111501&jk=2353647329389365&bg=!CQqlCk7NAAZQLpa_UC47ACkAdvg8WoAyriFJQP_DXtVmzS8kaGnbyKgz3izglK3R2dMTdxUFhdCRuQIAAABUUgAAABBoAQcKABonMHCClIGwYzr96ib83hRjs5A0NL-yIGDN8JkCuGu3hVrDizdJXMjkXbjuZh4Isru5E4RvF_BmKtb3WgVAbt6qIi-cvHiBMj-WdIge_WA8uOu7sF_hAbX4g9R8YEA7bSBi6Ahd3M4SpA6mXJP3YqthzU52-y_uTMcULOoOfbSaa4mLKCIb5ZVLD-PIYL73S_KQpJa257jew1Rz0f0s7tgupGVjdXz1mKXU52d9Z5n9JRxyXjmRAQtHWVc71J3bh9qVJbX2XXFGJFBMIHtN3U1R0e_a4x3diC1XOMS5y_QH2CA-aDhrql3szB-4JfGieYzhknvcNoOOBYAmGXi09EwqhL0fjFg9eMstAeTu_-7If_-G6GsDjnyE6Pzux9oYLUEFvD6_ArMVKX_w03Y73B0vE0HGu6nGCWeNG4CMFJ4AUGGeVYuo9V42lYN_gxsvfEZOIPOrcMLil9npxoFrk2493AvskJkkElFYiqvlFMXN5eoUmJMVrNnsQvmA448po0MX4PYsPN73q5lIS5_5YIN2r1LIkyD8ugjr8Ljo6K6H3zR7HbuGfbPXGijuxISSDKOGsE_G2PovfCawDEgbIfSQ8TYf-y3UVj2lqCd6BaaFJhbrvNMECJPTWXYVXFEArkX65vRrngO831of5N2lT-KepqqkJvsNUhqZk6s5dx9rOsH7e1WgeiQ67tpoTcorKXxQhzVZAtHloel9ybz4Y3d0DOky_J4xiVMoAAphWMwlvczIDWECxYSqGmKklCUekxgDtUNDF1oh6MJut92OL7UT5atzzLJRNIHmTBegdFfE0ZRfwSTlrcjLJ4BEqKRyJYSLUWlFl7ia7vH0kAmo-SlwO6w7hWDpqK8LgmEM4G7vsvZu9IyaLOCfKIMfODaYv9inTDtiX9oCMKWzYfm2Wv3womlT1-bddxx0BFprzgVR6r9J8pcMnN-3tNOWfTGWzMFmgOJIMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
1 KB
1 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m2.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
e939023bfc56418bffc4a75a5c48a54898479639808a1b2192dfbd7e072e6265
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-576"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
m3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m3.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 34F9
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8idj4YaLGJOBrddXDuSgpjlqN6XRioZuDLnUMwJ-jGBkosqvvd-d7aOJZUWnNnhQQFJz_kgebDiDfsN0CHgh1nZoeJLZtjXkUTth4-Gkpi9yCy4g8&sig=Cg0ArKJSzGtm6dxTmAI0EAE&id=lidar2&mcvt=1000&p=390,315,640,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1922974829&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637295891051&rpt=1248&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 04:24:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
218487-new-119853.jpg
hilight.kapook.com/r/380/auto/image_fb/44/
62 KB
62 KB
Image
General
Full URL
https://hilight.kapook.com/r/380/auto/image_fb/44/218487-new-119853.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
89432e1f2217e65908047b2809e1c735bc45576ecbe2e301e826394150727548

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:29 GMT
last-modified
Wed, 17 Nov 2021 09:54:38 GMT
server
openresty/1.13.6.2
etag
"6194d15e-f6de"
content-type
image/jpeg
accept-ranges
bytes
content-length
63198
kp-cache-status
HIT
55378c9b-cda4-4443-98c1-454e9ff614d1.jpg
s359.kapook.com/r/380/auto/testupload/
159 KB
159 KB
Image
General
Full URL
https://s359.kapook.com/r/380/auto/testupload/55378c9b-cda4-4443-98c1-454e9ff614d1.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
e4e13b8ecdf6128b3cfa7aacdd9e26f6a51025cffef773e8482dc403fe6a1ca2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:29 GMT
last-modified
Thu, 18 Nov 2021 03:34:46 GMT
server
openresty/1.13.6.2
etag
"6195c9d6-27a6f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private, must-revalidate
accept-ranges
bytes
content-length
162415
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:29 GMT
218549-new-915215.jpg
hilight.kapook.com/r/380/auto/image_fb/44/
68 KB
68 KB
Image
General
Full URL
https://hilight.kapook.com/r/380/auto/image_fb/44/218549-new-915215.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
e557d147cb204f247e666fec82dd6ec10fc2327be22d091655e65793e5522f39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:29 GMT
last-modified
Fri, 19 Nov 2021 02:27:49 GMT
server
openresty/1.13.6.2
etag
"61970ba5-110f4"
content-type
image/jpeg
accept-ranges
bytes
content-length
69876
kp-cache-status
HIT
218478-new-656416.jpg
hilight.kapook.com/r/380/auto/image_fb/44/
50 KB
51 KB
Image
General
Full URL
https://hilight.kapook.com/r/380/auto/image_fb/44/218478-new-656416.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.183.165.36 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p162-nasbkkST3.C.csloxinfo.net
Software
openresty/1.13.6.2 /
Resource Hash
82a0c3701afbefecd782639a34dc7dbf197fe156ce98436e8bea88c6dff1b279

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/view/218540
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:29 GMT
last-modified
Wed, 17 Nov 2021 08:17:04 GMT
server
openresty/1.13.6.2
etag
"6194ba80-c94d"
content-type
image/jpeg
accept-ranges
bytes
content-length
51533
kp-cache-status
HIT
m3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m3.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
d054801f4fca3b3535bc08e6b7dc6dc9a7faa2e94fb298c72923f4c77765ebd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1be7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/m4.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
m4.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/m4.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
a0eeae3d8cf894c79166200f51f81d76a2f823df18595b9e4927b237f257e199
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1b32"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/money.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
money.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
7 KB
7 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/money.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
88c65b52a54592ac090863be12062fec8b78a5d96cd2d6b149ba1104965923b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1af0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
t1.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
5 KB
5 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t1.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:53 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:53 GMT
post
connect.thelead.tech/event/
15 B
165 B
XHR
General
Full URL
https://connect.thelead.tech/event/post
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 04:24:54 GMT
vary
Origin
content-length
15
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
post
connect.thelead.tech/event/
15 B
165 B
XHR
General
Full URL
https://connect.thelead.tech/event/post
Requested by
Host: cdn.thelead.tech
URL: https://cdn.thelead.tech/lead/lead-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.183.165.228 Bangkok, Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
p354-nasbkkST3.C.csloxinfo.net
Software
/
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hilight.kapook.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 04:24:54 GMT
vary
Origin
content-length
15
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
t1.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
5 KB
5 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t1.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
fa5eb1e2aa590b1ad55c7770773f0d58595c9398cb117f508c29bcf8fbfe61ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-142a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:54 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
6 KB
6 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t2.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:54 GMT
t2.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
6 KB
6 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t2.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
c3e32b434d0fc805b28e37bad9f6ad8b07d911cbc3bfa1f4484bc368729d886a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-19b1"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:54 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/728x90/images/ Frame 6C51
4 KB
4 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/728x90/images/t3.png?1593426663506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hilight.kapook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:41:25 GMT
etag
W/"5ef9d365-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:54 GMT
t3.png
i.kapook.com/gorralit/kapookmarket1/970x250/images/ Frame 34F9
4 KB
4 KB
Image
General
Full URL
https://i.kapook.com/gorralit/kapookmarket1/970x250/images/t3.png?1593422211679
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.254.43.242 , Thailand, ASN9891 (CSLOX-IDC-AS-AP CS LOXINFO Public Company Limited., TH),
Reverse DNS
Software
/
Resource Hash
8c5b687f706a9d071d04ebcbd71bbf7e5f02b7d42f0ad781b4ee2511897c524e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://b498de7508ea5f17a5c66eddaf4261ba.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 04:24:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 11:40:16 GMT
etag
W/"5ef9d320-1107"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
kp-cache-status
HIT
expires
Fri, 26 Nov 2021 04:24:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aktrack.pubmatic.com
URL
https://aktrack.pubmatic.com/track?operId=7&p=156743&s=670822&a=2752542&ts=1637295891&wa=0&e=95&vc=2
Domain
pix.cookiepix.com
URL
https://pix.cookiepix.com/cookieSync.png?1637295892

Verdicts & Comments

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| PWT object| googletag object| slot1 object| interstitialSlot function| fbq function| _fbq string| WDMObject function| cpe string| GoogleAnalyticsObject function| ga function| skin2vdo function| close_skin string| page string| current_cat object| bluebillywig object| FB boolean| giraffDebugInit object| giraff function| grf_change_article function| grf_run_widget object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| cbGeo271249508 function| triggerEventOnJQueryObject function| triggerEventOnParentById function| setAttributeOnParentById function| bbExecuteJavascript function| onYouTubeIframeAPIReady function| webpackJsonpBbSkin function| setImmediate function| clearImmediate function| cpeclient object| google_tag_manager function| Swiper object| google_optimize object| ggeac object| google_js_reporting_queue object| tmpHead undefined| _grf_09881820934671381 undefined| VK undefined| ODKL object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent 
object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_69507 function| processGoogleToken object| googleToken object| googleIMState function| head number| CONTENT_ID string| SUBDOMAIN function| GET_CATEID number| contentType string| mytheme object| myarr function| getYoutubeID object| list_oembed2 number| total number| count_box number| varCounter number| interval_id function| varName object| __s object| instgrm function| getCookie string| dmpUserMaping_id object| innityDataLayer string| url_stag string| url_ctag function| loadCss function| cb string| template string| template_new string| template_compound string| template_compound_new string| template_compound_new_z2 string| template_compound_new_z3 number| cp_count function| tag_singe string| url_get_tag_info function| setsticky function| setrelative function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| lazyLoadInstance function| cpeAsyncInit object| lazySizes object| closure_lm_689546 undefined| google_measure_js_timing object| google_reactive_ads_global_state object| innitytagmgr boolean| bG56d8ee121c51b14f6e964404 object| _innityq function| cpeapp boolean| bG5f47736a47e7049801000002 object| _innity_wtl object| _innityoq object| V object| _iampt number| dz object| skrollr object| _data object| file_dependency object| file_dependency_extend object| closure_lm_130203 object| msgData number| google_unique_id string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc string| _norec undefined| stat_frm string| truehitsurl object| ga1 number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| 
th_ajax_tracker function| domain_cmp string| __th_page number| __thflag string| udf string| arg string| _narg string| rf string| truehitsurl_top string| th_rand object| truehits_div undefined| th_img undefined| th_link object| angular object| s undefined| menuStatus undefined| menuslide undefined| loginStatus undefined| loginslide undefined| loginnow undefined| loginnows undefined| jQuery19107618084227284538_1637295889174 function| callback5567399722771675 string| domain string| prefix_url object| app function| jsonp_callback function| clip_callback function| article_callback function| photo_callback function| parseURL function| whenerr function| varidateemail function| market_edit_button string| base_dir string| base_tpl string| member_logout string| member_login function| lead object| ampInaboxIframes object| ampInaboxPendingMessages string| u object| dp function| callback8320386310422054 function| callback6054334745822045 function| callback7834295983569735 function| callback9603943445397536 function| callback8471096800659765 function| callback6773502626116059 function| callback26162101009417094 object| GoogleGcLKhOms object| google_image_requests

102 Cookies

Domain/Path Name / Value
hilight.kapook.com/view Name: verify
Value: test
.kapook.com/ Name: _ga
Value: GA1.2.628602502.1637295889
.kapook.com/ Name: _gid
Value: GA1.2.132347295.1637295889
hilight.kapook.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kapook.com/ Name: pbjs-pubCommonId
Value: 1f909256-89fb-4aee-b14f-2e3d19103d21
hilight.kapook.com/ Name: _grf_vis
Value: 1
.kapook.com/ Name: _fbp
Value: fb.1.1637295889322.148445921
hilight.kapook.com/ Name: uuid
Value: 8449DF0E-F783-42D9-A52E-8B4058D9F797
.kapook.com/ Name: _gat
Value: 1
hilight.kapook.com/ Name: cto_bidid
Value: H1MTIl9mWmx3MyUyQmxhcVYyJTJGZzczMjU4Q2syQzhyMklVaWc4WExudW8lMkJSVG9Zc3U4a0hTQll2eG1kciUyQlBaTGVLVDVWTURRYm4xJTJGTTh1ZDBkTnVMM1ZjaG55SlElM0QlM0Q
hilight.kapook.com/ Name: cto_bundle
Value: 9Jm0z19CRzluZnRQbGwlMkZ4ZjVBN2ZDOUIzdUY3N0wzbkxIbTE3aW0lMkZkVXJlYVF2aXp6U0w4MnRSMXlaJTJCRFhnTGpLM2tkOEtyJTJCUVV4d2tkN0FtZmxpcFNvNXpGYTZZRUFUd09yQXVPZmhoUFp6VjE0TTNqdEVvbFIwdGg5WVQxZXhPYUpZ
.vk.com/ Name: remixlang
Value: 6
.delivery.adnuntius.com/ Name: usi
Value: yyq8!966192d4228ef0399e632a859de70d96
.delivery.adnuntius.com/ Name: sessionId
Value: 7670d6dc5a45bf7743328f2f0f55e3e9
.hilight.kapook.com/ Name: freq.5f73e63e47e7040e00000000
Value: 1
.truehits.in.th/ Name: ck3rdparty
Value: 1
.kapook.com/ Name: _cbclose
Value: 1
.kapook.com/ Name: _cbclose53935
Value: 1
.kapook.com/ Name: _uid53935
Value: 49DF6416.1
.kapook.com/ Name: _ctout53935
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BE2716F7-30AE-4399-BC2F-169452666759
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1638489600%3A197_219_201%7C1637366400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1639872000%3A203%7C1638489600%3A220_3_55_21_7_56_54_166_81_13_8_161_71_22%7C1638576000%3A35%7C1638144000%3A63%7C1637884800%3A2_15_223
.adnxs.com/ Name: uuid2
Value: 2420107947521994681
.adfarm1.adition.com/ Name: UserID1
Value: 7032132301425997964
.th.giraff.io/ Name: gid
Value: rBYQBWGXJxG/CD4WNaNLAg==
.simpli.fi/ Name: suid
Value: 77BCAD131F4B4FBCAB68AC42DB061136
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 72346197-2712-4b00-98b9-5c699e4a7ee9
hilight.kapook.com/ Name: _grf_uid
Value: 1418238997
hilight.kapook.com/ Name: _grf_cm
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUl5ObXp34R_P0MoDSc2UQ1zwcNmKWq_zhVsweNpSW2vbUoI2oxe5NhmmAOnmyc
.de17a.com/ Name: guid2
Value: 1.7718769723744663221
.adform.net/ Name: uid
Value: 1656506002516051173
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:72346197-2712-4b00-98b9-5c699e4a7ee9&KRTB&16736-uid:72346197-2712-4b00-98b9-5c699e4a7ee9&KRTB&23019-uid:72346197-2712-4b00-98b9-5c699e4a7ee9&KRTB&23114-uid:72346197-2712-4b00-98b9-5c699e4a7ee9
.pubmatic.com/ Name: PugT
Value: 1637295890
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7032132301425997964
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1656506002516051173&KRTB&23263-1656506002516051173
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPVqgjKbK0cRBBlRnS_TFB0&KRTB&16514-CAESEPVqgjKbK0cRBBlRnS_TFB0&KRTB&23025-CAESEPVqgjKbK0cRBBlRnS_TFB0
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2420107947521994681
.adsrvr.org/ Name: TDID
Value: fa333b71-86fe-4481-b0c9-a823e9599e2c
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZcnEgAFnq6JKABR
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-7718769723744663221
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~21m4
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiElfjz0ceVOhAFGAUgASgCMgsI3qfIoOjHlToQBTgB
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YZcnEgAFnq6JKABR&KRTB&22978-YZcnEgAFnq6JKABR&KRTB&23194-YZcnEgAFnq6JKABR&KRTB&23209-YZcnEgAFnq6JKABR
.bidswitch.net/ Name: tuuid
Value: e1b4037d-54e8-471d-8d01-a5d017ab0847
.bidswitch.net/ Name: c
Value: 1637295890
.bidswitch.net/ Name: tuuid_lu
Value: 1637295890
.quantserve.com/ Name: d
Value: EIUBCwHhJPijAA
.quantserve.com/ Name: mc
Value: 61972712-2abce-95517-22feb
.bidr.io/ Name: bito
Value: AABazU7DLk4AACtIJmMSyg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-fa333b71-86fe-4481-b0c9-a823e9599e2c&KRTB&22918-fa333b71-86fe-4481-b0c9-a823e9599e2c&KRTB&23031-fa333b71-86fe-4481-b0c9-a823e9599e2c
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc&KRTB&19420-0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc&KRTB&22979-0kklp9ZPLaLJSn3yhx0xqdFNLafJSi72gRoJ49kc
.turn.com/ Name: uid
Value: 4284361552413621268
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4284361552413621268
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjQzNrWwtDA0NxXiM9R1NCgwd6-s8C2tSDKR4gXKmRtZAqUNjMyNAR25A2s0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmxuZGlqYWlgZG4MAGccBagQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjQzNrWwtDA0NxXiM9R1NCgwd6-s8C2tSDIBAD3EFjwlAAAA
.uuidksinc.net/ Name: jcsuuid
Value: Keql7rMBA4Ni0g7PXxRF
.truehits.in.th/ Name: truehitsid
Value: lOxn0Ve7
.onaudience.com/ Name: cookie
Value: ca31da048c87b44e
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e1b4037d-54e8-471d-8d01-a5d017ab0847
.exelator.com/ Name: EE
Value: "0ebbabc8f069676fe2a9e60ff3fc0e78"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEgNSkpMSnZIs3AzNLM3Cwt1SjRMtXMIC3NOC3ZINXcYnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F75ttAQDGMSrI"
.innity.com/ Name: iUUID
Value: ca3a0ecf5539c096035fe7d0381afe36
.kapook.com/ Name: iUUID
Value: ca3a0ecf5539c096035fe7d0381afe36
.kapook.com/ Name: innity.dmp.143.sess
Value: 1.1637295890544.1637295890544.1637295890544
.kapook.com/ Name: innity.dmp.143.sess.id
Value: 166716972.143.1637295890544
.kapook.com/ Name: innity.dmp.cks.innity
Value: 1
.pubmatic.com/ Name: pp
Value: 156743
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.rubiconproject.com/ Name: rsid
Value: 1|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2VoJ7Psdi6fqQ/Fn9jJ2Tlph+Ceuqbr/dqjK1sECNPHwCVEQbe2pSuLwbELo+Q1ANcwU9v3Cm//uCAnekPgJibxpTpySnG5S3QD5U7tEfUTQ==
.rubiconproject.com/ Name: khaos
Value: KW5VP6KR-J-E67I
.adsby.bidtheatre.com/ Name: __kuid
Value: 382689f1-fcd7-47d5-bb96-5a075f819b08.406509890
.kapook.com/ Name: __gpi
Value: 00000000-0000-0000-0000-000000000000
.th.giraff.io/ Name: nid
Value: F2r9p2GXJxIFe2W7QAUcAg==
.mathtag.com/ Name: mt_mop
Value: 9:1637295890
.kapook.com/ Name: __gads
Value: ID=404367f25c1adfed:T=1637295889:S=ALNI_MbpIWEdOP0cKtBPz32by_KWYe36pg
.yahoo.com/ Name: A3
Value: d=AQABBBInl2ECECRNNmEHOCZJLlRzlp8YiAIFEgEBAQF4mGGhYQAAAAAA_eMAAA&S=AQAAAtZMAneF-4wRFinAXc2PDcA
avd.innity.com/ Name: geo
Value: EU%3BUnited%20Kingdom%3BGB%3B%3B%3B
.kapook.com/ Name: ka_iid
Value: 8VdCPPQhgzZ63wurC17Gwr
.kapook.com/ Name: ka_sid
Value: LJ5TCRRSt5TpNB9dbNhkjQ
.casalemedia.com/ Name: CMPS
Value: 5224
hilight.kapook.com/ Name: _lr_retry_request
Value: true
hilight.kapook.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMID
Value: YZcnE94H3Za5DeInNSGw3gAA
.casalemedia.com/ Name: CMPRO
Value: 1109
.casalemedia.com/ Name: CMST
Value: YZcnE2GXJxMA
hilight.kapook.com/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22fa333b71-86fe-4481-b0c9-a823e9599e2c%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-19T04%3A24%3A51%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU%hLdmC!]tbPl1M>e)ZlrFUfJ+tGXxo3HQpOK?i-4KM(d4<>6*kkaVHJ3[81N<KG'rj*bpRz*qF1`*b^7Y)p:7H
.casalemedia.com/ Name: CMRUM3
Value: 2d619727132760CAESEDkdJAfBolp2M5i_g4RMBUE
hilight.kapook.com/ Name: id5_storage
Value: %7B%22created_at%22%3A%222021-11-19T04%3A24%3A42.637288Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
.kapook.com/ Name: panoramaId_expiry
Value: 1637382291408
.pubmatic.com/ Name: SPugT
Value: 1637295891
.a.th.giraff.io/ Name: s
Value: 2273322:2273322:2273323

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.bluebillywig.com/apps/player/20211115.130354/player.js(Line 25)
Message:
The keyword 'slider-vertical' specified to an 'appearance' property is not standardized. It will be removed in the future.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
