www.sanook.com Open in urlscan Pro
61.91.93.188 Public Scan

URL:
https://www.sanook.com/
Submission: On June 17 via manual (June 17th 2021, 3:23:04 pm UTC) from CA

Summary HTTP 445 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 86 IPs in 14 countries across 88 domains to perform 445 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	61.91.93.188 61.91.93.188	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
84	150.109.191.116 150.109.191.116	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	150.109.206.145 150.109.206.145	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	101.33.11.88 101.33.11.88	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	61.91.94.132 61.91.94.132	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:827::2002	() ()
1 3	2a02:2638::1c 2a02:2638::1c	() ()
2	178.250.2.146 178.250.2.146	() ()
1	2a00:1450:400... 2a00:1450:400c:c04::9b	() ()
3	2a00:1450:400... 2a00:1450:4001:828::2003	() ()
20	216.58.212.162 216.58.212.162	() ()
1 3	65.9.82.63 65.9.82.63	() ()
3	104.111.224.62 104.111.224.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	119.81.216.16 119.81.216.16	36351 (SOFTLAYER) (SOFTLAYER)
7 14	185.33.221.13 185.33.221.13	() ()
1	61.91.94.198 61.91.94.198	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
7	185.64.189.112 185.64.189.112	() ()
6	178.250.0.165 178.250.0.165	() ()
3	23.37.38.181 23.37.38.181	() ()
2 10	35.244.159.8 35.244.159.8	() ()
3	77.245.57.78 77.245.57.78	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3	184.30.21.51 184.30.21.51	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
3	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:811::2001	() ()
1	2606:4700::68... 2606:4700::6812:d841	() ()
1	51.89.21.20 51.89.21.20	16276 (OVH) (OVH)
3 5	52.30.14.23 52.30.14.23	() ()
6 9	13.248.242.197 13.248.242.197	() ()
3 12	2.18.234.21 2.18.234.21	() ()
2	101.33.11.45 101.33.11.45	() ()
2	151.101.113.108 151.101.113.108	() ()
20	2a00:1450:400... 2a00:1450:4001:801::2002	() ()
5	2a00:1450:400... 2a00:1450:4001:803::2001	() ()
20	2a00:1450:400... 2a00:1450:4001:827::2001	() ()
4	185.64.190.78 185.64.190.78	() ()
6 6	185.29.135.233 185.29.135.233	() ()
3 3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	() ()
5 8	37.157.2.236 37.157.2.236	() ()
17 33	142.250.185.162 142.250.185.162	() ()
4 4	213.155.156.181 213.155.156.181	1299 (TELIANET ...) (TELIANET Telia Carrier)
14	185.64.190.80 185.64.190.80	() ()
1 2	178.250.0.163 178.250.0.163	() ()
2 2	85.114.159.93 85.114.159.93	() ()
2 36	185.64.189.110 185.64.189.110	() ()
3 5	52.209.246.140 52.209.246.140	() ()
3	185.64.189.114 185.64.189.114	() ()
4 5	146.59.148.16 146.59.148.16	() ()
1 4	2606:4700:10:... 2606:4700:10::6816:1957	() ()
2 4	159.253.128.188 159.253.128.188	() ()
2	2a00:1288:110... 2a00:1288:110:c305::8000	() ()
2 3	18.156.0.31 18.156.0.31	() ()
3 3	151.101.114.49 151.101.114.49	() ()
4 5	35.156.158.150 35.156.158.150	() ()
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	() ()
3 3	178.62.202.251 178.62.202.251	() ()
3 3	66.155.71.149 66.155.71.149	() ()
1 2	72.21.206.140 72.21.206.140	() ()
3	169.197.150.7 169.197.150.7	() ()
2 2	51.178.20.139 51.178.20.139	() ()
1	2a00:1450:400... 2a00:1450:4001:811::200a	() ()
1 2	52.17.202.120 52.17.202.120	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:808::2006	() ()
7	185.64.189.226 185.64.189.226	() ()
4	142.250.186.98 142.250.186.98	() ()
4	52.215.97.146 52.215.97.146	() ()
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	() ()
1 4	2606:4700::68... 2606:4700::6812:d05	() ()
1 1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	() ()
1 1	35.190.0.66 35.190.0.66	() ()
4 4	70.42.32.127 70.42.32.127	() ()
1 1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
4	185.64.190.81 185.64.190.81	() ()
2	35.173.0.225 35.173.0.225	14618 (AMAZON-AES) (AMAZON-AES)
1 2	193.0.160.129 193.0.160.129	() ()
1 1	172.105.199.172 172.105.199.172	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	80.64.106.148 80.64.106.148	() ()
1 1	178.162.133.149 178.162.133.149	() ()
1	54.72.136.29 54.72.136.29	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	15169 (GOOGLE) (GOOGLE)
1	151.101.14.110 151.101.14.110	() ()
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
3 3	198.148.27.140 198.148.27.140	() ()
1	162.247.242.19 162.247.242.19	() ()
2 2	162.55.6.210 162.55.6.210	() ()
6 6	213.19.147.44 213.19.147.44	() ()
2 2	87.98.228.78 87.98.228.78	() ()
2	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
2	173.231.180.197 173.231.180.197	() ()
2 4	199.232.137.44 199.232.137.44	() ()
2 4	35.227.248.159 35.227.248.159	() ()
4 4	3.66.135.160 3.66.135.160	() ()
2 2	18.210.5.212 18.210.5.212	() ()
2	38.27.122.101 38.27.122.101	() ()
4 4	35.201.96.126 35.201.96.126	() ()
2	185.64.189.249 185.64.189.249	() ()
2 4	77.243.60.138 77.243.60.138	() ()
2 4	54.78.254.47 54.78.254.47	() ()
2 2	34.98.107.212 34.98.107.212	() ()
2 2	185.33.220.244 185.33.220.244	() ()
2 2	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
2 2	23.22.239.72 23.22.239.72	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.130 142.250.185.130	() ()
1	203.151.133.54 203.151.133.54	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
445	86

7 61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 150.109.191.116 (Bangkok, Thailand)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 150.109.206.145 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.33.11.88 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 61.91.94.132 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.58.212.162 (Mountain View, United States)

ASN- ()
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.82.63 (United States) 1 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.81.216.16 (Singapore, Singapore) 1 redirects

ASN36351 (SOFTLAYER, US)

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.221.13 (Amsterdam, Netherlands) 7 redirects

ASN- ()
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.94.198 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)

api.u1sf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN- ()
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.38.181 (Frankfurt am Main, Germany)

ASN- ()
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Kansas City, United States) 2 redirects

ASN- ()
PTR: 8.159.244.35.bc.googleusercontent.com

tencentth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

rtb-eu.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.21.51 (Frankfurt am Main, Germany)

ASN- ()

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN- ()

279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d841 (United States)

ASN- ()

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.20 (London, United Kingdom)

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.14.23 (Dublin, Ireland) 3 redirects

ASN- ()

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.248.242.197 (United States) 6 redirects

ASN- ()
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN- ()
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.33.11.45 (Frankfurt am Main, Germany)

ASN- ()

img-as.fsanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.108 (Frankfurt am Main, Germany)

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom)

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.135.233 (United Kingdom) 6 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 3 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.236 (Denmark) 5 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 142.250.185.162 (United States) 17 redirects

ASN- ()
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.181 (Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.190.80 (United Kingdom)

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN- ()
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 185.64.189.110 (United Kingdom) 2 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.209.246.140 (Dublin, Ireland) 3 redirects

ASN- ()
PTR: ec2-52-209-246-140.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom)

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.59.148.16 (France) 4 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1957 (United States) 1 redirects

ASN- ()

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.253.128.188 (Amsterdam, Netherlands) 2 redirects

ASN- ()
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom)

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN- ()
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany) 3 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.158.150 (Frankfurt am Main, Germany) 4 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (United States)

ASN- ()

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.62.202.251 (Amsterdam, Netherlands) 3 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.149 (Portsmouth, United Kingdom) 3 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN- ()
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.197.150.7 (United States)

ASN- ()

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.139 (France) 2 redirects

ASN- ()

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.202.120 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.226 (United Kingdom)

ASN- ()

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN- ()
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.97.146 (Dublin, Ireland)

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.127 (United States) 4 redirects

ASN- ()
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.205.207.25 (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.81 (United Kingdom)

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.173.0.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.199.172 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN- ()
PTR: s-fr3.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN- ()
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.136.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN- ()

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.140 (New York, United States) 3 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN- ()
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.6.210 (Germany) 2 redirects

ASN- ()
PTR: static.210.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.44 (United Kingdom) 6 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.228.78 (Spain) 2 redirects

ASN- ()
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.180.197 (United States)

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.137.44 (Frankfurt am Main, Germany) 2 redirects

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.66.135.160 (Frankfurt am Main, Germany) 4 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.210.5.212 (Ashburn, United States) 2 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.122.101 (Chestertown, United States)

ASN- ()

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.96.126 (Kansas City, United States) 4 redirects

ASN- ()

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.249 (United Kingdom)

ASN- ()

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Hjørring, Denmark) 2 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN- ()
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.107.212 (Kansas City, United States) 2 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.173.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.22.239.72 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN- ()
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.151.133.54 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)

notification.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	isanook.com s.isanook.com p3.isanook.com sal.isanook.com	2 MB
84	pubmatic.com 2 redirects ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com t.pubmatic.com simage4.pubmatic.com aud.pubmatic.com	311 KB
65	doubleclick.net 18 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	376 KB
45	googlesyndication.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com ade.googlesyndication.com	240 KB
18	adnxs.com 9 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	49 KB
13	casalemedia.com 3 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	13 KB
13	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	5 KB
11	google.com 2 redirects www.google.com adservice.google.com	1 KB
10	openx.net 2 redirects tencentth-d.openx.net eu-u.openx.net us-u.openx.net	3 KB
9	adsrvr.org 6 redirects match.adsrvr.org	4 KB
9	googletagservices.com www.googletagservices.com	300 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	124 KB
8	adform.net 5 redirects c1.adform.net	4 KB
8	sanook.com www.sanook.com graph.sanook.com notification.sanook.com	50 KB
6	2mdn.net s0.2mdn.net	308 KB
6	mathtag.com 6 redirects sync.mathtag.com	3 KB
5	bidswitch.net 4 redirects x.bidswitch.net	2 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
5	onaudience.com 4 redirects pixel.onaudience.com	2 KB
5	bidr.io 3 redirects match.prod.bidr.io	2 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	crwdcntrl.net 3 redirects id.crwdcntrl.net sync.crwdcntrl.net bcp.crwdcntrl.net	2 KB
5	innity.com 1 redirects avd.innity.com	3 KB
5	google.de www.google.de adservice.google.de	2 KB
4	exelator.com 2 redirects loadm.exelator.com	6 KB
4	semasio.net 2 redirects uipglob.semasio.net	2 KB
4	fiftyt.com 4 redirects visitor.fiftyt.com	2 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	tapad.com 2 redirects pixel.tapad.com	996 B
4	taboola.com 2 redirects trc.taboola.com match.taboola.com	1013 B
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	zemanta.com 4 redirects b1sync.zemanta.com	2 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	3 KB
4	simpli.fi 2 redirects um.simpli.fi	2 KB
4	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	1 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
3	contextweb.com 3 redirects bh.contextweb.com	2 KB
3	avads.net 3 redirects ads.avads.net	871 B
3	deepintent.com match.deepintent.com	99 B
3	sitescout.com 3 redirects pixel-sync.sitescout.com	2 KB
3	bidtheatre.com 3 redirects match.adsby.bidtheatre.com	2 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net	957 B
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	teads.tv a.teads.tv	856 B
3	andbeyond.media rtb-eu.andbeyond.media	832 B
3	innity.net avd.innity.net	13 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com www.google-analytics.com	55 KB
3	criteo.net static.criteo.net	39 KB
2	ipredictive.com 2 redirects sync.ipredictive.com	1 KB
2	gumgum.com 2 redirects rtb.gumgum.com	671 B
2	playground.xyz 2 redirects ads.playground.xyz	724 B
2	bnmla.com match.bnmla.com	228 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	ad4m.at ad4m.at	1 KB
2	erne.co 2 redirects green.erne.co	649 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	loopme.me 2 redirects csync.loopme.me	391 B
2	rfihub.com 1 redirects p.rfihub.com a.rfihub.com	2 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	dotomi.com pubmatic-match.dotomi.com	207 B
2	turn.com 2 redirects ad.turn.com	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com	1002 B
2	fsanook.com img-as.fsanook.com	112 KB
2	indexww.com js-sec.indexww.com	2 KB
2	facebook.com www.facebook.com	312 B
2	googleadservices.com www.googleadservices.com	15 KB
2	facebook.net connect.facebook.net	99 KB
2	truehits.in.th lvs2.truehits.in.th	4 KB
1	nr-data.net bam.nr-data.net	274 B
1	nrich.ai 1 redirects dsp.nrich.ai	489 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	adlooxtracking.com p.adlooxtracking.com	3 KB
1	netacuity.com global.cloud.netacuity.com	407 B
1	sonobi.com 1 redirects sync.go.sonobi.com	849 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru	578 B
1	appier.net 1 redirects a.c.appier.net	556 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	456 B
1	travelaudience.com 1 redirects ads.travelaudience.com	611 B
1	linkedin.com 1 redirects px.ads.linkedin.com	728 B
1	jquery.com code.jquery.com	30 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	id5-sync.com id5-sync.com	532 B
1	izooto.com cdn.izooto.com	1 KB
1	u1sf.com api.u1sf.com	407 B
1	googletagmanager.com www.googletagmanager.com	42 KB
445	88

	Domain	Requested by
84	s.isanook.com	www.sanook.com s.isanook.com
36	simage2.pubmatic.com	2 redirects ads.pubmatic.com
33	cm.g.doubleclick.net	17 redirects eu-u.openx.net googleads.g.doubleclick.net 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com www.sanook.com
20	tpc.googlesyndication.com	www.sanook.com securepubads.g.doubleclick.net cdn.ampproject.org 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
20	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net tpc.googlesyndication.com www.sanook.com
20	securepubads.g.doubleclick.net	www.googletagservices.com www.sanook.com securepubads.g.doubleclick.net
14	image2.pubmatic.com	ads.pubmatic.com
14	ib.adnxs.com	7 redirects www.sanook.com acdn.adnxs.com googleads.g.doubleclick.net
9	match.adsrvr.org	6 redirects www.sanook.com eu-u.openx.net ssum-sec.casalemedia.com
9	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
8	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com googleads.g.doubleclick.net
8	c1.adform.net	5 redirects eu-u.openx.net ads.pubmatic.com
8	www.google.com	2 redirects www.sanook.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	t.pubmatic.com	www.sanook.com
7	hbopenbid.pubmatic.com	www.sanook.com
7	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.sanook.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
7	ads.pubmatic.com	s.isanook.com ads.pubmatic.com
6	s0.2mdn.net	www.sanook.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com s0.2mdn.net
6	sync.mathtag.com	6 redirects
6	graph.sanook.com	s.isanook.com
6	bidder.criteo.com	www.sanook.com static.criteo.net
5	x.bidswitch.net	4 redirects ads.pubmatic.com
5	pixel.onaudience.com	4 redirects
5	match.prod.bidr.io	3 redirects ads.pubmatic.com
5	us-u.openx.net	2 redirects eu-u.openx.net googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	avd.innity.com	1 redirects avd.innity.net www.sanook.com
4	loadm.exelator.com	2 redirects
4	uipglob.semasio.net	2 redirects
4	visitor.fiftyt.com	4 redirects
4	pm.w55c.net	4 redirects
4	pixel.tapad.com	2 redirects ads.pubmatic.com
4	sync.1rx.io	4 redirects
4	simage4.pubmatic.com	ads.pubmatic.com
4	b1sync.zemanta.com	4 redirects
4	static.adsafeprotected.com	fw.adsafeprotected.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.sanook.com
4	um.simpli.fi	2 redirects ads.pubmatic.com
4	d5p.de17a.com	4 redirects
4	image6.pubmatic.com	ads.pubmatic.com
4	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
3	bh.contextweb.com	3 redirects
3	ads.avads.net	3 redirects
3	a.tribalfusion.com	1 redirects ads.pubmatic.com
3	match.deepintent.com	ssum-sec.casalemedia.com ads.pubmatic.com
3	pixel-sync.sitescout.com	3 redirects
3	match.adsby.bidtheatre.com	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	ups.analytics.yahoo.com	2 redirects ads.pubmatic.com
3	mwzeom.zeotap.com	ads.pubmatic.com
3	sync.crwdcntrl.net	3 redirects
3	image4.pubmatic.com	ads.pubmatic.com
3	pixel.quantserve.com	3 redirects
3	279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	a.teads.tv	www.sanook.com
3	rtb-eu.andbeyond.media	www.sanook.com
3	tencentth-d.openx.net	www.sanook.com
3	htlb.casalemedia.com	www.sanook.com
3	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
3	sb.scorecardresearch.com	1 redirects p3.isanook.com www.sanook.com
3	www.google.de	www.sanook.com
3	gum.criteo.com	1 redirects static.criteo.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sanook.com
3	sal.isanook.com	www.sanook.com
3	static.criteo.net	www.sanook.com
2	sync.ipredictive.com	2 redirects
2	rtb.gumgum.com	2 redirects
2	secure.adnxs.com	2 redirects
2	ads.playground.xyz	2 redirects
2	aud.pubmatic.com
2	match.bnmla.com	ads.pubmatic.com
2	sync.srv.stackadapt.com	2 redirects
2	match.taboola.com	ads.pubmatic.com
2	trc.taboola.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com
2	ad4m.at	ads.pubmatic.com
2	green.erne.co	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	csync.loopme.me	2 redirects
2	dt.adsafeprotected.com	279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects www.sanook.com
2	gu.dyntrk.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pubmatic-match.dotomi.com	ads.pubmatic.com
2	ad.turn.com	2 redirects
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com
2	dsp.adfarm1.adition.com	2 redirects
2	dis.criteo.com	1 redirects ads.pubmatic.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	acdn.adnxs.com	ads.pubmatic.com
2	img-as.fsanook.com	www.sanook.com securepubads.g.doubleclick.net
2	js-sec.indexww.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	eu-u.openx.net	ads.pubmatic.com eu-u.openx.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	mug.criteo.com	www.sanook.com
2	www.facebook.com	www.sanook.com connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	connect.facebook.net	www.sanook.com connect.facebook.net
2	lvs2.truehits.in.th	www.sanook.com
1	notification.sanook.com	www.sanook.com
1	ade.googlesyndication.com
1	bam.nr-data.net	js-agent.newrelic.com
1	dsp.nrich.ai	1 redirects
1	js-agent.newrelic.com	www.sanook.com
1	p.adlooxtracking.com	www.sanook.com
1	global.cloud.netacuity.com	www.sanook.com
1	sync.go.sonobi.com	1 redirects
1	google-sync.rutarget.ru	1 redirects
1	a.c.appier.net	1 redirects
1	a.rfihub.com	www.sanook.com
1	p.rfihub.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	s.tribalfusion.com	279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
1	code.jquery.com	www.sanook.com
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	ssum-sec.casalemedia.com
1	a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	spl.zeotap.com	1 redirects
1	id.crwdcntrl.net	www.sanook.com
1	id5-sync.com	www.sanook.com
1	cdn.izooto.com	s.isanook.com
1	api.u1sf.com	s.isanook.com
1	stats.g.doubleclick.net	www.sanook.com
1	www.googletagmanager.com	www.sanook.com
1	www.sanook.com
445	128

This site contains links to these domains. Also see Links.

Domain
truehits.net
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
sso.member.sanook.com
tv.sanook.com
video.sanook.com
guru.sanook.com
comics.sanook.com
learning.sanook.com
dictionary.sanook.com
dir.sanook.com
www.sanook77.co
muan.sanook.com
sport.sanook.com
news.sanook.com
adclick.g.doubleclick.net
www.joox.com
feedback.sanook.com
www.tencent.co.th

Subject Issuer	Validity	Valid
*.sanook.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-27` - `2022-06-27`	a year	crt.sh
*.isanook.com DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-10-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2021-02-12` - `2022-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.innity.net DigiCert SHA2 Secure Server CA	`2021-05-12` - `2022-05-17`	a year	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-12-12`	a year	crt.sh
*.u1sf.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2022-03-16`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
*.id5-sync.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.fsanook.com DigiCert SHA2 Secure Server CA	`2019-09-19` - `2021-12-22`	2 years	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.cloud.netacuity.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2021-04-30` - `2021-07-30`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh

This page contains 70 frames:

Primary Page: https://www.sanook.com/
Frame ID: 3C05D93BA752A170C29B023598203C67
Requests: 193 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 1153AA14EB5491792181B37F3AA22F54
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: 60CCF4B19D946B94A38A59B715D48428
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE5B268026548EDD24171553BBBC4569
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 436BC52C14A0AF657E9FD9ACB5994C0A
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CA7025513D3642F03D93670CE168BEEF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8C1E91FE52F8E4865B2550645184F458
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 596848880CD20B05CC081696E2CAED9D
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B9B7B2568D9DAD6C7F15D32B639C1CBE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82rgK6UPA6WrmV8Wf_nejjg8h2wJDkjbRbFo8tgyzHbFDdzd1_F7lRtakzVUlgMv5VxJ24OqsKREy5D-9dxpp3LxL6ovzrRZIeUOcwqa18eeIDnCJRVK3VgJSCkUedWeG-pwHatYWrARQ-ZzlZjEpiOr5P_XrJXWPZOcPgV4hK5hTXoU2wyIB0KJF_GrTHfTeLkbn7g48nthoMyH5iJRy0T3kt84-R0z3xOzHX0yasIg9dbVkkr5_eczXo_NVXQZ-SfawB1okXltx81_BZP8O77OQFuOW-WirJG20eni-C7MNsmb0pMSvhokeeNILmbDWXjwcNeRAMjo&sai=AMfl-YTRDVPTFkt2TTHVFmI2c2xIgJUKqSIjdpVEjqZeDnhmui8JWZeGK7nRXDLr3_x4Lb1bbEFvQuFE0x_MxeoC4xNzK5D0o6ISPjwFvrdXTr1Q36Unj_-fBa0KEA6Mtlhq&sig=Cg0ArKJSzOsEGln1pk8cEAE&urlfix=1&adurl=
Frame ID: 527E0810D2B9538DDBA0398F285862D4
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuN5DUbpKWd6TJSrL5bZ_e-oQlSeuzPsgUD2FR-rgTmqDaRNdjIqXiqrtEeFGKPrG6ElZwttH_AkW-CHmoG88qa0CIeSP-8nOJmJiO8RHVlwbtXdZKm_PP0x5J9oTq-J2aMPCzDvoW1QZwM7s6YyX4zCH1h-134RMZPAXUUWsPHKq6Ytv-SPKb4ShEOgbLwMfs6z9aKdECl7LQl5edBuvt0UUrcdxeJWCnpL3H6joJRF2e67kWqzTnTpfN1Lh99hsZxGETRT8JgiLRjd1YeHVPXJlTr2ims24WrhwWpbaD5K2uy1SUbBZPplPDrJnZsR5yFNFPc6ESHuPbLqM&sai=AMfl-YRUYIBRtYfYpIF1E4M2jS2WDVT8CytGaVtBL4s4KF4-y_oyfZoV6F09Lfrato_BXLWmXG4iTiRpbcZpVCnvu4f1p0vLxcTNf-PtgqUxLj_9er0-MPjTt6WY35G1GBM&sig=Cg0ArKJSzHv9DZEwbT4EEAE&urlfix=1&adurl=
Frame ID: 9E81CA2E1EAF0E60CD06828BD9BB0D97
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6489DE85BDB40E05FC5D7058F1FAE3D0
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 98624F898995DF581CA2A54A582FE087
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 95529A4C03C1FA730212CBD3C8B782A8
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B1B8604C14829945662BE54A4E37BE41
Requests: 10 HTTP requests in this frame

Frame: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E6684926DE5A4C0F81C4DE7B7A0BEA9
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNgoQjK7e7oJ0ps1uhJciZlbX7EzVaa7-ZQdobtBCw3GtZgiBmM8R3MMO76JLPgfe16vabzm8DivCNd_c_v8_0hSiQyBK3JNiyM6Bd2nJJF2kZScuCa2EOZvcxBwzLdRJQ8TwVPrcmcoKPR-qukeKjZMLypnNUnstbof3ZM_o5wMd4dVyW2WTmAm8s9OUfHe2KP4EsEYZaOWi-xe1JHBhS_UCjgxVgLFM8zf9cscx_I_1oGLJb5nmmJVLo1OX-zYShwvvAP0iY4seTucRd5JW7mf1XPKqR4Qy1SmRvccK6kXviEKluUBOjppmtVU8IxLD7C6A&sig=Cg0ArKJSzJ222hVtfXFOEAE&adurl=
Frame ID: 33C023EF9067E52CFDBCA0AE08D7B7A3
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF
Frame ID: B9C616402E8AB06AD7C4CE1B3B29D9D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
Frame ID: 2329AC2785BEBCF33F012D17E058F1AE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 28D90CE4E72E0EB5C1C6B5241EA11226
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
Frame ID: B171AC702410A6BECD924FDBF684859D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2CAD09D037A549E6F98F9BEBF46470B0
Requests: 1 HTTP requests in this frame

Frame: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C20A82B54C50E14294FCF5143342892C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Frame ID: C6C5EE724F405F48F5D22EAB0823817F
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBjkrqPfRg33zXFMnH6vumDaoxtHrawU3EJtwvXkGdC3fOR0rphxGaIvzLOrS7xay655ufqosrGUjfN_Pq4JUexcGlqbVLIXNz5-x19QwdZsrP-RHEMriAkgoS3omjVXec0foHrxbkBpZJKoVlyO-POBEebSpEe0_DonmWrfWT6az8CvZwpTMoUw2w_JEFkNS2dsWkSbM_Ns8bCmvmIQa4gvzEddUXH4uHSnm4SjPjuvORdm4Nf4nhBcnTOTAQJ1dwRVEAF-h0F0JW-lDCqrcseR5V_Eg6gls3DxTlz2bHmnnHbig&sig=Cg0ArKJSzMeTS2BERxSxEAE&urlfix=1&adurl=
Frame ID: 92F15CABB277C5C18AB4D18A5DCC5A27
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Frame ID: CE14E94CD59BE3B2F8DFC59A9293697C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
Frame ID: 547144CFBD66B7710FBF00FC6ADC1A40
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 875280620E46FDFAEA5DA8266B94F45B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 0E182A542F3F17F3564C0EF98F19DA28
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E01976674A62C7BE3B0332EA62365479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 621A6477ABEEBE2FAF4B521FAFEB3204
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DC8D51BD694BA698CD11770ECBD1A3B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F48A03FDD064006954DECEE0D6172922
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 42EDBF5FBF7A7752B780E47345DF05B7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: E00CD8F41966F83233EF527ABF6EAD6A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Frame ID: DBDA7F296D9B7E5F8A4DB72FBD1AF92D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
Frame ID: 4EF062C770C40630D104CDA2653A484F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 8306CC71362B8054AC76903C60A73316
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
Frame ID: EE391173286050FFEADDFF308C484A01
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
Frame ID: C95FD7C8737ABA4CD4D42B7BC40BADA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: CA8274DD3171A26F12724E6FF87AE6C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9850B5F9FCBC5FE3FD17395713A6762F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 30F609AC540E3A8ED55DBD196B542AA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Frame ID: 79D9F0C2555C357288D00BEC210D3780
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Frame ID: 524FED93FE10CE61C48EA7AE7CF8F813
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2212079A7C4EECAFD5CACF60B2DE5B97
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4B9772E26ADD64D4D82DE58FB3AA5C88
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 90E1340CFCCFFBDD42944DC715FF72E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
Frame ID: 02461BD933D3F31E9DA27C4069A58F0A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D26FDFA80FC75AE2BD7189FC82D26710
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 048137FDE475FD1EACF702E937B7B403
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 335BA9DD87A1AE66E85D9D2A53FFBAF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
Frame ID: 78AC8DD8EAD54E4F18841DD095A95EDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Frame ID: B4EA1DE85DA9AAF39FC860FB18099A5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Frame ID: 98B785ACA82145F5FFDFF62676133D23
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 024DAD6DC394000D5BFFBEC783364BE4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: B962359BA505E9634E2862ACCF7F8DDA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Frame ID: 6056896E21880B6E000A39FF880C6314
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Frame ID: 1D19EFBB492E3FBA4F71605EFECEB158
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 33C3ECB05B74FD41797CFFF6572F88AB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A95F8170C70DCBEE69DF95E7B8CA1E31
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 02F495C915C9A1F4E7E4FAD23D7C6723
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
Frame ID: D023A4510B6694A16FE4B89046441EBF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: A0014AEC75B5AB6743566A6D745B90D4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7E0CDF3D9F582411347F895E3066BD1E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 6CF25E2969BC707EA613787CA6441ACA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
Frame ID: 61FC495525C4D9EF4DF3E335063D6B0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Frame ID: BAF7900FFB105560AF01DF83E4371618
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Frame ID: F8C49E1397324ED898329E66244B3044
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 6CFAC5135AE2A6477A35903B5E342E34
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

445
Requests

99 %
HTTPS

25 %
IPv6

88
Domains

128
Subdomains

86
IPs

14
Countries

3985 kB
Transfer

12156 kB
Size

35
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000046-000049-000001&autologin=1&option=&surl=https://www.sanook.com/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000046-000049-000001&surl=https://www.sanook.com/&autologin=1&eventID=&option=&mail=

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/wetv/
Title: wetv

Search URL Search Domain Scan URL

URL: http://video.sanook.com/
Title: คลิป

Search URL Search Domain Scan URL

URL: http://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: http://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: http://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: http://learning.sanook.com/
Title: เรียนออนไลน์

Search URL Search Domain Scan URL

URL: http://dictionary.sanook.com/
Title: พจนานุกรม

Search URL Search Domain Scan URL

URL: http://dir.sanook.com/
Title: สารบัญเว็บไทย

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: Sanook77

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ຂ່າວລາວ

Search URL Search Domain Scan URL

URL: https://sport.sanook.com/football/euro/
Title: บอลยูโร 2020

Search URL Search Domain Scan URL

URL: http://news.sanook.com/lotto/
Title: ตรวจหวยงวดล่าสุด

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvw4Cu_IZSL_oZghmZ8rY-B7s_jhqN8DjSqqfYpjG7ZI0aAB68RxNKcB2kEwCpsmE7_UrUAFnHC-XIymLTy3X-mjXOq9YDx8rROEAn1LrBikAkjaN1RBB2KuwgU7115Zj_joojN_SdqQKp4j9ZT7GbNlZ_C4sa7pKsTuR9kwx2HaDkEhemyc3MA2RgxKcjjYAecDVNupqjPs1rE8Rv9tk8pXCOJvqHobOPIzGAIhubxVMreWo-kgJ3YB02qXtslTLARym6n2C_2SJKfqkaAGoejjweYAQQZGN3BVUg6L-XKhSw8H7Wi9nsxi6nvIDJcc3NKGEPCDs0&sai=AMfl-YRW7D8bhDRyxRw6aw3sANjbehD8Tme_V37YHzlU7dh5hEFBjAEK4gtVE1OeZ4EAdEjSinyIjtdirIJ0ZVLQDLZhtaxNI-eDwX0cLmjw3p2vmCDVfqkeUmb40LT8uYI&sig=Cg0ArKJSzLss_cu-auBcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.sanook.com/podcasts/program/cheevittongsu/

Search URL Search Domain Scan URL

URL: http://news.sanook.com/entertain/
Title: ข่าวบันเทิง

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลงทั้งหมดบน JOOX

Search URL Search Domain Scan URL

URL: https://www.joox.com/th/genre/lukthung

Search URL Search Domain Scan URL

URL: https://www.joox.com/th/vip

Search URL Search Domain Scan URL

URL: http://feedback.sanook.com/
Title: แนะนำ-ติชมเเละแจ้งปัญหาการใช้งาน

Search URL Search Domain Scan URL

URL: http://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: http://www.tencent.co.th/
Title: เกี่ยวกับเรา

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&sscte=1&crd=&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vN4opfby8TWChS45id81ps5mynAe6ToW6cA HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y

Request Chain 85

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=

Request Chain 89

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623943358480 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623943358480 HTTP 302
https://avd.innity.com/sync/?partner=appnexus&token=1807299555491511333&type=cookie&itmcb=1623943358480 HTTP 302
https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480

Request Chain 192

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187

Request Chain 193

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z

Request Chain 194

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1

Request Chain 208

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801

Request Chain 210

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973

Request Chain 211

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rjZKJK70QUah2OkXu3g5zw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 213

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187

Request Chain 214

https://pixel.onaudience.com/?partner=214&mapped=AE364A24-AEF4-4146-A1D8-E917BB7839CF HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=3c59c16a-1a06-4cb4-be13-f1834f838c79&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=3fff020ad3aeb4a2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzNjRBMjQtQUVGNC00MTQ2LUExRDgtRTkxN0JCNzgzOUNG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1

Request Chain 218

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912

Request Chain 219

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=

Request Chain 220

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec

Request Chain 221

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=

Request Chain 223

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true

Request Chain 224

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X

Request Chain 225

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMtowAAB4BFG9AA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4

Request Chain 226

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 227

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 229

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 230

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 249

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&cm_dsp_id=85&ixi=1&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMtowX6-fDkfLuTo.m8DqwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2

Request Chain 250

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1

Request Chain 254

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60cb68c155db9&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9

Request Chain 255

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMtowX6-fDkfLuTo.m8DqwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2

Request Chain 297

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 298

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1

Request Chain 313

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1

Request Chain 315

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5

Request Chain 328

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 329

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPPZE_GrIzrtp_t6KDjDZXk&google_cver=1&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5

Request Chain 330

https://ads.travelaudience.com/google_pixel?google_gid=CAESELXT67Y1z5Tuuk1hUs410nM&google_cver=1&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx

Request Chain 331

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=

Request Chain 332

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s

Request Chain 333

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKy_HT9X754iB58CvdCtUmg&google_cver=1&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D

Request Chain 334

https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw

Request Chain 337

https://fw.adsafeprotected.com/rfw/st/722837/54927600/skeleton.js?adsafe_url=https%3A%2F%2Fwww.sanook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f091177f-b027-386e-5353-567f607fc2a4,c:fOtaVH,sl:na,em:true,fr:false,mn:app05ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sABCQNm+11%7C121%7C122%7C123%7C124%7C125%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.722837-54927600%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1f2%7C1f3,idMap:1d*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:663,oid:dba2122f-cf7f-11eb-8352-02bf2b86cc68,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_970x250.js

Request Chain 341

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEIIz5Aw4ZIcg9Az7X1mytAw&google_cver=1&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y&google_hm=NTU0NjkxNzE3OTYxNTU2NjIxMg== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 342

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJ2NoYAdRQBUkEq5MFNnR5k&google_cver=1&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA

Request Chain 343

https://a.c.appier.net/gcm?google_gid=CAESEL5ooMy-duwDhXQ8Kr12aso&google_cver=1&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY

Request Chain 344

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=

Request Chain 345

https://google-sync.rutarget.ru/sync?google_gid=CAESEMqc9XIntouNY9GUOhWVClQ&google_cver=1&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c

Request Chain 346

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA

Request Chain 347

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE%26google_hm%3D%5BUID%5D&google_gid=CAESEEffduR2rR80SjovEtyXpM4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743

Request Chain 366

https://c1.adform.net/serving/cookie/match?party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507

Request Chain 367

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1

Request Chain 369

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417

Request Chain 370

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050

Request Chain 371

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=

Request Chain 372

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79

Request Chain 373

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 374

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=

Request Chain 375

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz

Request Chain 376

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=1ddc91a8-187f-4ea7-bd36-48da481362fd&expires=1&user_group=5&ssp=pubmatic&bsw_param=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 377

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677

Request Chain 378

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACdl07BltIAADHiFrJ8dQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add

Request Chain 379

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 380

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=

Request Chain 381

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8LpOp72pR8KVluWsa-_FBw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 382

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjBCQTRFQTctQkRBOS00N0MyLTk1OTYtRTVBQzZCRUZDNTA3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 386

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=

Request Chain 387

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=

Request Chain 388

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 393

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 394

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7419099741 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003

Request Chain 395

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6

Request Chain 399

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219

Request Chain 400

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 402

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 403

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=

Request Chain 404

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4

Request Chain 405

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1

Request Chain 407

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31

Request Chain 408

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 410

https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 411

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166

Request Chain 412

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e

Request Chain 413

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=

Request Chain 414

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31

Request Chain 415

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 417

https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 418

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 419

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5263073156 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003

Request Chain 420

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6

Request Chain 423

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166

Request Chain 424

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049

Request Chain 426

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219

Request Chain 427

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 429

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 430

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=

Request Chain 431

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=

Request Chain 432

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4

Request Chain 433

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1

445 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.sanook.com/ 655 KB
44 KB 1427ms
207ms Document
text/html 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

2c003389936cf0796514f0d6dd1a6254e7cf80241452c93ce135c13401057872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Host: www.sanook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:35 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
SN-Cache-Status: HIT
X-Ua-Device: desktop
X-Ua-Type: human
X-Ua-Key: cover_display
X-Ua-Exp: notset
X-Ua-isExpReadpage: 0
X-Ua-shouldPass: 0
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;

GET
H2 200 styles.e0e44015.chunk.css
s.isanook.com/sr/0/_next/static/css/ 35 KB
8 KB 610ms
195ms Stylesheet
text/css 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/styles.e0e44015.chunk.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 04:24:16 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 11 Jun 2021 04:22:04 GMT
server: Lego Server
age: 0
etag: W/"60c2e4ec-8b78"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3253967863699819155
accept-ranges: bytes
content-length: 7608
expires: Sun, 11 Jul 2021 04:24:16 GMT

GET
H2 200 b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.e122f107.chunk.css
s.isanook.com/sr/0/_next/static/css/ 7 KB
2 KB 793ms
378ms Stylesheet
text/css 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.e122f107.chunk.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-1bcb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5247882518870446213
accept-ranges: bytes
content-length: 1707
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
739 B 199ms
199ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 00:30:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 May 2018 08:30:09 GMT
server: Lego Server
age: 0
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4456861139284919682
accept-ranges: bytes
content-length: 548
expires: Sat, 10 Jul 2021 00:30:53 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 75ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:36 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:10:01 GMT
server: nginx
etag: W/"60b79139-1d469"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 18 Jun 2021 15:22:36 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 375 B
494 B 779ms
250ms Script
application/javascript 150.109.206.145
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 28 Nov 2013 06:56:15 GMT
server: Lego Server
etag: "5296e90f-177"
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 4229368660577808802
accept-ranges: bytes
content-length: 266

GET spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 0
0

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MTMvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 48 KB
48 KB 226ms
191ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MTMvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 0cdebf332d3618da868300642219a30c2c7b807728685b8986379a318ecf5fdf

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:37:00 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9704448732454481573
accept-ranges: bytes
content-length: 49303
expires: Sat, 17 Jul 2021 14:37:00 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU5NDkvaGgoMSkuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 8 KB
8 KB 778ms
744ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU5NDkvaGgoMSkuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 0517939adf31a748c050f6346b0b33a4f702b7cd49600c0dfb4664a67c965fc3

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:13:34 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12680104328118780543
accept-ranges: bytes
content-length: 8519
expires: Sat, 17 Jul 2021 03:13:34 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ2ODUvbmV3cHJvamVjdC0yMDIxLTA2LTE0dDE1MjcuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 7 KB
7 KB 225ms
192ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ2ODUvbmV3cHJvamVjdC0yMDIxLTA2LTE0dDE1MjcuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 28fc16368231dc391eaf63180d2f3c469e8a8e8a8237121c9eca7b4285188c48

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17830982326303460875
accept-ranges: bytes
content-length: 6766
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYxMTMvcF9zcG9ydC0yMDIxLTA2LTE3dDA4NDcxOS41LmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 7 KB
7 KB 596ms
562ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYxMTMvcF9zcG9ydC0yMDIxLTA2LTE3dDA4NDcxOS41LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e8246b428a5957d64eca65688abc8ab94b252835cded7bc43ca1ad0db5b3666d

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12598655647001952075
accept-ranges: bytes
content-length: 7020
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNjEvMy5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 5 KB
5 KB 225ms
191ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNjEvMy5qcGc=.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 1db5deb58a44fcc8f03e499f735494523624ae54c8b710cdb3af91536e79de19

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 943973715651314486
accept-ranges: bytes
content-length: 5431
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MDkvY29sbGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 5 KB
5 KB 224ms
191ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MDkvY29sbGFnZS5qcGc=.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 57aad0eb32478aac681048ab9824a8b427c40d19e85897db861bb403f8f13c7b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 3574380567058784662
accept-ranges: bytes
content-length: 5366
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU3MzMvYWhyMGNobTZseTl6bG1senl3NXZiMnN1eTI5dGwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 8 KB
8 KB 1140ms
1102ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU3MzMvYWhyMGNobTZseTl6bG1senl3NXZiMnN1eTI5dGwuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 35b684a020b50c10e1b42cc6d725b0a4db17190f26eb6a93ce8a9527dfc775c9

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5155563371685744760
accept-ranges: bytes
content-length: 8483
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYyNjkvaWtlYS1mcmFuY2UtZXNwb2luYWdlLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 6 KB
6 KB 771ms
735ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYyNjkvaWtlYS1mcmFuY2UtZXNwb2luYWdlLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 822bd9d006dbb6645f5d81a7ecd887f2ac3b966c3ac98ef6c4e3964c5d568b15

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:07:24 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13181305171543617849
accept-ranges: bytes
content-length: 6352
expires: Sat, 17 Jul 2021 14:07:24 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjUxMzcvdG5ob21lMTczLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 7 KB
7 KB 731ms
695ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjUxMzcvdG5ob21lMTczLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: a9b0042ee62511bb68c172c7281de2e2e392790dad297d85055e98be565930bc

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1791791341540624312
accept-ranges: bytes
content-length: 7517
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNDEvcGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 7 KB
7 KB 772ms
736ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNDEvcGFnZS5qcGc=.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 0a419d02e11deedca8f2782c692be6185d0f1e588d4d747d992323c9a2f1ff70

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:46:59 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
etag: W/"PSA-e7fKb4cXE2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9586012501154775118
accept-ranges: bytes
content-length: 7121
expires: Sat, 17 Jul 2021 14:46:59 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjUvc3VwZXJyb2JvdHdhcnMzMCgxKS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 8 KB
8 KB 775ms
740ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjUvc3VwZXJyb2JvdHdhcnMzMCgxKS5qcGc=.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 6da2d71f0662c4f3dfab496c7a7e5510cc2ceab4725452758669f68cd3ffc95a

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17897306351427325249
accept-ranges: bytes
content-length: 7787
expires: Sat, 17 Jul 2021 13:05:33 GMT

GET
H2 200 category.js Show response
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/ 627 KB
141 KB 1325ms
1290ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/category.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: f694d27b06b472d3776ce0fa1c5449e90ed98eaac957785afd6321e3ed4e1e04

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-9cbb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1473059306492301862
accept-ranges: bytes
content-length: 143700
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 _app.js Show response
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/ 329 KB
71 KB 1325ms
1290ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e4f23332d4748e331a4d57b5d6007ba7af36ca5bda105942ed74f68ce365f144

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-52584"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6777891473923322336
accept-ranges: bytes
content-length: 72524
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 webpack-c2835681ae534c98c119.js Show response
s.isanook.com/sr/0/_next/static/runtime/ 7 KB
3 KB 1691ms
1656ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: aefa474da0458e44b73f36cee85fbcb2acd8bf5b571748f454c8a45161ba000f

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-1a77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 7512266034075117294
accept-ranges: bytes
content-length: 3029
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 framework.a8c446334694403b7af5.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 136 KB
45 KB 774ms
739ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:03:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 11 Jun 2021 07:09:45 GMT
server: Lego Server
age: 2
etag: W/"60c30c39-220b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12893592859627111705
accept-ranges: bytes
content-length: 46310
expires: Mon, 12 Jul 2021 10:03:38 GMT

GET
H2 200 23e5d2c346b06b9b422377979e9d2b603549eff2.6ee61761ec68b3509c52.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 6 KB
3 KB 1137ms
1103ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/23e5d2c346b06b9b422377979e9d2b603549eff2.6ee61761ec68b3509c52.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-1995"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 2858541267574609461
accept-ranges: bytes
content-length: 2469
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 5466013ee3cffe5a81a798f6d0b046865c48b9c3.72cd02f786ed330dfcb4.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 1137ms
1103ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5466013ee3cffe5a81a798f6d0b046865c48b9c3.72cd02f786ed330dfcb4.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-1def"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6640209789358359330
accept-ranges: bytes
content-length: 2559
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 44926a7f1e8cb8f1946a9c35158bbb3821565aa9.f730df8e8b37583cb0b9.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 773ms
739ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/44926a7f1e8cb8f1946a9c35158bbb3821565aa9.f730df8e8b37583cb0b9.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:37:15 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: "60cab7f9-320a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16344534111472676981
accept-ranges: bytes
content-length: 4709
expires: Sat, 17 Jul 2021 03:37:15 GMT

GET
H2 200 ec5612319a13e9c7fdfde79a1c6bbfecea985630.b7595c8340c8fcd5e360.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 47 KB
18 KB 773ms
739ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/ec5612319a13e9c7fdfde79a1c6bbfecea985630.b7595c8340c8fcd5e360.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:32:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 48628
server: Lego Server
age: 0
etag: W/"60cab7f9-bdf4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 8254320922870505806
accept-ranges: bytes
content-length: 17763
expires: Sat, 17 Jul 2021 03:32:42 GMT

GET
H2 200 94e5ba8261a97cca262d92b9023a9666455748f6.e4725ddb2c84cda01172.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 150 KB
46 KB 1135ms
1103ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/94e5ba8261a97cca262d92b9023a9666455748f6.e4725ddb2c84cda01172.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-2565e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 5646124381316404426
accept-ranges: bytes
content-length: 47008
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 415cc29571e0b905875e9f49f07a94737275e6fa.7a1a2b2083b0c66bf6e7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 40 KB
14 KB 1134ms
1103ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/415cc29571e0b905875e9f49f07a94737275e6fa.7a1a2b2083b0c66bf6e7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-9fa7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9026140403043874964
accept-ranges: bytes
content-length: 14572
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 c0ac2e790aec42522b7f11570b55cbf546e9c466.af027d836b2282fda407.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 39 KB
13 KB 771ms
739ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/c0ac2e790aec42522b7f11570b55cbf546e9c466.af027d836b2282fda407.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-9da8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10455901454389842898
accept-ranges: bytes
content-length: 12714
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 6f6e240ca28cbb56fe1b285fe0abf22d032eb1f2.2ecb9e18e02fabaac6c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 62 KB
19 KB 771ms
740ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6f6e240ca28cbb56fe1b285fe0abf22d032eb1f2.2ecb9e18e02fabaac6c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:32:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 63749
server: Lego Server
age: 0
etag: W/"60cab7f9-f905"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 9490097081678601432
accept-ranges: bytes
content-length: 18959
expires: Sat, 17 Jul 2021 03:32:42 GMT

GET
H2 200 d6577ecef0948e661ace853cdcf61a998c2aa83e.c74985a28258bd8a1ada.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
6 KB 1688ms
1654ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/d6577ecef0948e661ace853cdcf61a998c2aa83e.c74985a28258bd8a1ada.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: ea97cb8133264d34a7c9a2969e45ea82b20956ec88c1b8bb4892fda102f4c6f7

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-49e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 16846495063515907402
accept-ranges: bytes
content-length: 6105
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 f1311e74398f87b1995111810d08c1a388413b11.d43661cb11d428343663.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 19 KB
7 KB 1687ms
1655ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/f1311e74398f87b1995111810d08c1a388413b11.d43661cb11d428343663.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 313bc1d183c3afddcbdbcc4974b7b52a294d6048abfbf22f8f458eb07f5f68ec

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 06:15:13 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
age: 3478
ntcoent-length: 19676
content-length: 6943
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
etag: "60cab7f9-4cdc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7000612326228486150
accept-ranges: bytes
expires: Sat, 17 Jul 2021 06:15:13 GMT

GET
H2 200 bb0f87cd0590ddc521e0b30df44ada9e80d6f874.25b32f2bf3ce9d3af029.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 1687ms
1655ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/bb0f87cd0590ddc521e0b30df44ada9e80d6f874.25b32f2bf3ce9d3af029.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:32:42 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
age: 13228
ntcoent-length: 11793
content-length: 3474
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
etag: "60cab7f9-2e11"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 112920516187679218
accept-ranges: bytes
expires: Sat, 17 Jul 2021 03:32:42 GMT

GET
H2 200 26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 284 KB
55 KB 1687ms
1655ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 7a636173433040eaadd28a28bb7b07173bd735977615b9b783d25e915c231666

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-46fb5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2782376987402718069
accept-ranges: bytes
content-length: 56468
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 30 KB
7 KB 1868ms
1836ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-776e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 3908565483858929192
accept-ranges: bytes
content-length: 7416
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 styles.0ca305d73607ebe4ae5a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 107 B
302 B 1685ms
1655ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/styles.0ca305d73607ebe4ae5a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 08:50:58 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 04:59:42 GMT
server: Lego Server
age: 31531
etag: "60c9853e-6b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11291336690546564713
accept-ranges: bytes
content-length: 107
expires: Fri, 16 Jul 2021 08:50:58 GMT

GET
H2 200 main-2908131e712561857f39.js Show response
s.isanook.com/sr/0/_next/static/runtime/ 13 KB
5 KB 1866ms
1836ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 23:55:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
age: 194264
ntcoent-length: 13391
content-length: 5063
last-modified: Fri, 11 Jun 2021 07:09:46 GMT
server: Lego Server
etag: "60c30c3a-344f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7712774991501435788
accept-ranges: bytes
expires: Tue, 13 Jul 2021 23:55:14 GMT

GET
H2 200 d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 251 KB
26 KB 1684ms
1655ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3ea30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 253085886166647418
accept-ranges: bytes
content-length: 26020
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
5 KB 1865ms
1837ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"60cab7f9-47b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11714603566877961626
accept-ranges: bytes
content-length: 5292
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 1865ms
1837ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 8b64e9644f2f8cf98b093aec08032e56ebc4becf2b6768eaf24163a423dae655

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3493"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14439092674088503981
accept-ranges: bytes
content-length: 4708
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 1869ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-2e2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2723583049871553667
accept-ranges: bytes
content-length: 3936
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 212 KB
47 KB 1869ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: a3efab061ef483ca4d6d0ead3c0b415ddba24a57d55366f89738c12b5da174b8

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3519a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6488922155325296077
accept-ranges: bytes
content-length: 48378
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 15 KB
4 KB 1868ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3c2a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 2470396783629298596
accept-ranges: bytes
content-length: 3643
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 37788c12fde364d8af75326163b9cf5da35807cb.373763efdd431ed68264.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 34 KB
8 KB 1867ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/37788c12fde364d8af75326163b9cf5da35807cb.373763efdd431ed68264.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-8724"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15441946227092921485
accept-ranges: bytes
content-length: 8443
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 6 KB
3 KB 1867ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"60cab7f9-16bf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13523009870366437998
accept-ranges: bytes
content-length: 2659
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 1b91c73627dbf66500087ebd556769da2d95a350.99c2898dcbff2a789c9c.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
6 KB 1867ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1b91c73627dbf66500087ebd556769da2d95a350.99c2898dcbff2a789c9c.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-72c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 203396453251767700
accept-ranges: bytes
content-length: 5530
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.d78986082232a551f17b.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 52 KB
15 KB 1867ms
1841ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.d78986082232a551f17b.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-d1e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 17082854682988572553
accept-ranges: bytes
content-length: 15077
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/ 5 KB
2 KB 1866ms
1841ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 13fddc04b2c9562fc41facd921cdf8eeace3f4e7f954374f3934cfad44a880bb

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 4893
server: Lego Server
age: 13215
etag: W/"60cab7fa-131d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5575208248890660196
accept-ranges: bytes
content-length: 1744
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
496 B 761ms
250ms Script
application/javascript 150.109.206.145
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
etag: W/"591c0bd4-219"
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17157670079539212835
accept-ranges: bytes
content-length: 363

GET
H2 200 db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js Show response
s.isanook.com/sr/0/js/izooto/ 120 KB
34 KB 1865ms
1840ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 01:22:32 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 122756
server: Lego Server
age: 204068
etag: W/"PSA-aj-4UqXOPMF_n"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16804102574140160611
accept-ranges: bytes
content-length: 34490
expires: Sat, 10 Jul 2021 01:07:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
42 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3db55ba67b886a7c0d4f317b266a3f19f5aff866f08f7978a739c6bcd76c9811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43089
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Jun 2021 15:22:36 GMT

GET
H/1.1 200
OK d0004449.js Show response
lvs2.truehits.in.th/dataa/ 8 KB
3 KB 98ms
20ms Script
application/x-javascript 101.33.11.88
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_Oversea_AP /
Resource Hash: 69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:36 GMT
Content-Encoding: gzip
X-Cache-Lookup: Hit From Disktank3 Gz, Hit From Inner Cluster
Last-Modified: Thu, 17 Jun 2021 07:02:00 GMT
Server: NWS_Oversea_AP
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control: max-age=604800
X-Daa-Tunnel: hop_count=1
X-NWS-LOG-UUID: a875f263-4f2f-4c88-8fc4-3d81345d1470
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2946
Expires: Thu, 24 Jun 2021 15:22:36 GMT

GET
H2 200 a102.js Show response
sal.isanook.com/js/ 23 KB
10 KB 1254ms
237ms Script
application/javascript 61.91.94.132
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 24035
date: Thu, 17 Jun 2021 15:22:38 GMT
content-encoding: gzip
last-modified: Mon, 10 Aug 2020 09:23:14 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10300
expires: Sat, 17 Jul 2021 15:22:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 43ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24517
x-xss-protection: 0
pragma: public
x-fb-debug: 0zwgGsa4VzgnZskC6G37dosFh1hg8PY1F0gsZfnXxAJkSFpN+QCLahjm2G4YmpLAoWq6U0ENne9joTWSbd3XmA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 17 Jun 2021 15:22:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo-sanook.svg
s.isanook.com/sr/0/images/ 6 KB
6 KB 1859ms
1838ms Image
image/svg+xml 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 08:52:31 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 05:00:12 GMT
server: Lego Server
age: 25652
etag: W/"60c9855c-1633"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 4677114787578700223
accept-ranges: bytes
content-length: 5683
expires: Fri, 16 Jul 2021 08:52:31 GMT

GET
H2 200 wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ 4 KB
5 KB 1854ms
1836ms Image
image/svg+xml 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 08:52:46 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 04:59:59 GMT
server: Lego Server
age: 3806
etag: W/"60c9854f-113a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 1908276189357906616
accept-ranges: bytes
content-length: 4410
expires: Fri, 16 Jul 2021 08:52:46 GMT

GET
H2 200 covid-bg.png
s.isanook.com/sr/0/images/events/2020/covid2019/ 3 KB
3 KB 1846ms
1836ms Image
image/png 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/events/2020/covid2019/covid-bg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 04:33:36 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:30 GMT
server: Lego Server
age: 0
etag: "60cab7fe-c8d"
content-type: image/png
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7958823342607296525
accept-ranges: bytes
content-length: 3213
expires: Sat, 17 Jul 2021 04:33:36 GMT

GET
H2 200 base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ 34 KB
34 KB 592ms
196ms Font
font/woff2 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin: https://www.sanook.com
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 03:42:53 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 11 Jun 2021 03:31:26 GMT
server: Lego Server
age: 0
etag: "60c2d90e-886c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7094828905879167802
accept-ranges: bytes
content-length: 34924
expires: Sun, 11 Jul 2021 03:42:53 GMT

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 962ms
566ms Font
font/woff2 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin: https://www.sanook.com
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 03:54:10 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 09 Jun 2021 04:46:45 GMT
server: Lego Server
age: 194970
etag: "60c047b5-7a90"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 1402484836891093119
accept-ranges: bytes
content-length: 31376
expires: Sat, 10 Jul 2021 03:54:10 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 961ms
565ms Font
font/woff2 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin: https://www.sanook.com
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 08:52:01 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 11 Jun 2021 07:09:49 GMT
server: Lego Server
age: 160291
etag: "60c30c3d-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 6018129574134965110
accept-ranges: bytes
content-length: 32244
expires: Wed, 14 Jul 2021 08:52:01 GMT

GET
H3-29 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75784
x-xss-protection: 0
pragma: public
x-fb-debug: gyK1LuAOyEI6KyCbcc47oGFtvf1vQuVpLn/WeQSqTTqt6lLFp692oKe1OcVpKDlIJ40O2XggihA19dTmTKg6CA==
x-frame-options: DENY
date: Thu, 17 Jun 2021 15:22:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK goggen.php
lvs2.truehits.in.th/ 91 B
441 B 421ms
420ms Image
image/jpeg 101.33.11.88
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=yA1RX46rXb%2bDzXMUH/wxfQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=44CE3C16.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:37 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
P3P: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control: no-cache
X-Daa-Tunnel: hop_count=2
X-NWS-LOG-UUID: d5bfcec0-48b9-450b-941b-11273ba969c2
Connection: keep-alive
Content-Type: image/jpeg

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
195 KB 105ms
24ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 02:13:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a0a4a-1896b8-5c44bd063c1a9"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=57539
accept-ranges: bytes
content-type: text/javascript
content-length: 198970
expires: Fri, 18 Jun 2021 07:21:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1440
date: Thu, 17 Jun 2021 14:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 17 Jun 2021 16:58:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 96ms
30ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a38be1af053ab88f66edd53f84ef3df0d69c2447ccb801d17d62ee74e03fcf2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14001
x-xss-protection: 0
server: cafe
etag: 14997771784825138903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Jun 2021 15:22:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1623943357331&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623943357329.804690212&it=1623943357187&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 17 Jun 2021 15:22:37 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 93 KB
36 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=343587080.1623943357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c07d8d1de782177a97372172e2c5dfed7946b584afe569e2353fb158715743dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36999
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:37 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 2 KB
1 KB 36ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1623943357377&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6f4edf42f57ab049ff5c1e111189c998762737248dca9a5556ef97cc2210ea67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/1007499765/ 0
0 38ms
18ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1623943357377&cv=9&fst=1623943357377&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1623943357419&cv=9&fst=1623943357419&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6ab30c05860dc5426ee66e700ae6c5a5ede1ac7d4432b6580f93661f33994ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1469068318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=11989492&gjid=962888306&cid=343587080.1623943357&tid=UA-8147095-6&_gid=1289261235.1623943357&_r=1&gtm=2wg6g0PNXLXRS&cd4=0&cd12=1623943357437.aov8fcurg&cd22=firstpage&cd23=indexpage&z=835249059

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 83ms
22ms Preflight
application/json 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1

Protocol

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sanook.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1655
date: Thu, 17 Jun 2021 15:22:36 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm...

350 B
633 B

103ms
37ms

XHR
application/json

178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN (),

Reverse DNS

Software

Resource Hash

7b0f134d3c5fc97ef8feb1488957d50fb3fe61134848ad8c7e4a292c73d1071a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 17 Jun 2021 15:22:37 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2378
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 17 Jun 2021 15:22:37 GMT
location: https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1679
content-length: 482
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1923d80074cb1c0adebc7cf62681da3dc1502b06f7f8b03ddcd8d20a7d6047b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "905 / 452 of 1000 / last-modified: 1623928601"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21551
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
433 B 64ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&gjid=962888306&_gid=1289261235.1623943357&_u=aGDAAEACQAAAAC~&z=1826674090

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 17 Jun 2021 15:22:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505...
https://www.google.com/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1...
https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...

42 B
64 B

52ms
37ms

Image
image/gif

2a00:1450:4001:828::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1623943357419&cv=9&fst=1623942000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1115957460&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/408516141/ 42 B
569 B 42ms
21ms Image
image/gif 2a00:1450:4001:828::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/408516141/?random=1623943357419&cv=9&fst=1623942000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1115957460&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021061502.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
115 KB 68ms
26ms Script
text/javascript 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

4ecfa657a94c57109985f7d07882a68936fe311340910a2f592ebd80a1c82906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:12:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116908
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:37 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&_u=aGDAAEACQAAAAC~&z=906960327

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
30ms Image
image/gif 2a00:1450:4001:828::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&_u=aGDAAEACQAAAAC~&z=906960327

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 81ms
26ms Script
application/javascript 65.9.82.63

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.82.63 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:08:19 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: EeomdudhF_GIjUhCmWwHAcqmYk-FxKXFzS2kzDm743fZK_QinxTf-w==

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 79ms
24ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.18.0
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2507993
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
Expires: Fri, 16 Jul 2021 16:02:30 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 96ms
32ms Preflight
application/json 178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 862
date: Thu, 17 Jun 2021 15:22:37 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 24ms
24ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 01:29:24 GMT
Server: nginx/1.18.0
ETag: "5fa203f4-51a4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2497874
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6437
Expires: Fri, 16 Jul 2021 13:13:51 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 48ms
24ms Script
application/javascript 104.111.224.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-224-62.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.18.0
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2439688
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2875
Expires: Thu, 15 Jul 2021 21:04:05 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%...
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8...

64 B
328 B

36ms
36ms

Image
image/gif

65.9.82.63

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.82.63 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:37 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 5TL-pbziEiLn_TpybLj1LgVGcYOpAC_rcQaiyUYsj8sHwJSEA8clQg==

Redirect headers

date: Thu, 17 Jun 2021 15:22:37 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
content-length: 433
x-amz-cf-id: ZCUI3nDqOcN30FO6xvx0fCxFtZnSvrLi4ObBq9hADVxykpjoRxPIYw==

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
724 B 730ms
185ms Script
application/javascript 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: b48893b6aa61aa39b43f18ef69b68f3b160c0e4372edd8f05c078b7025bfb93f

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jun 2021 15:22:38 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: application/javascript
Content-Length: 77
Expires: Wed, 04 Aug 1985 12:59:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryg0KRaiQgjAobe8dX

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 17 Jun 2021 15:22:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
604 B 547ms
186ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=ad65656fd510226007c7023f3585bc61&cb=1623943358479&douid=&sess=36700016.225.1623943358478&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:38 GMT
Last-Modified: Thu, 17 Jun 2021 15:22:38 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1

200
OK

/
avd.innity.com/bounce/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623943358480
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623943358480
https://avd.innity.com/sync/?partner=appnexus&token=1807299555491511333&type=cookie&itmcb=1623943358480
https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480

43 B
471 B

1542ms
1182ms

Image
image/gif

119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
Last-Modified: Thu, 17 Jun 2021 15:22:40 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Location: /bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
Date: Thu, 17 Jun 2021 15:22:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
471 B 1634ms
1271ms Image
image/gif 119.81.216.16
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=ad65656fd510226007c7023f3585bc61&type=cookie&itmcb=1623943358480
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
Last-Modified: Thu, 17 Jun 2021 15:22:40 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 123e19f2.8e7e22347c3c27645b2d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 376 KB
106 KB 214ms
214ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:35:55 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Fri, 11 Jun 2021 07:09:46 GMT
server: Lego Server
age: 0
etag: W/"60c30c3a-5e0f3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10361906997590205480
accept-ranges: bytes
content-length: 108222
expires: Wed, 14 Jul 2021 01:35:55 GMT

GET
H2 200 a7e7d9dd.29101f59d4b366d42e27.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 276 KB
64 KB 213ms
213ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.29101f59d4b366d42e27.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:03:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 283103
server: Lego Server
age: 2
etag: W/"60c30c39-451df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 5586701377593692107
accept-ranges: bytes
content-length: 65434
expires: Mon, 12 Jul 2021 10:03:38 GMT

GET
H2 200 JooxPlayer.67af19cc9c9f7e92c734.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 259 KB
89 KB 214ms
214ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.67af19cc9c9f7e92c734.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 23:45:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 04:59:41 GMT
server: Lego Server
age: 0
etag: W/"60c9853d-40bc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 15370186673890680397
accept-ranges: bytes
content-length: 90368
expires: Fri, 16 Jul 2021 23:45:39 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 1153 236 B
414 B 461ms
461ms Document
text/html 150.109.206.145
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method: GET
:authority: p3.isanook.com
:scheme: https
:path: /jo/0/mu/evt/_cross_storage/ex/hub.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Thu, 17 Jun 2021 15:21:55 GMT
x-page-speed: 1.13.35.2-0
cache-control: no-cache, max-age=0
age: 44
accept-ranges: bytes
server: Lego Server
x-cache-lookup: Cache Miss Hit From Inner Cluster
content-encoding: gzip
content-length: 192
x-nws-log-uuid: 5015762079360606438

GET
H/1.1 200
OK / Show response
api.u1sf.com/geoip2/code/ 160 B
407 B 1234ms
235ms Script
application/json 61.91.94.198
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.u1sf.com/geoip2/code/?callback=jsonp_1623943359218_28986
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 61.91.94.198 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software: /
Resource Hash: 1e05c513890dfe5ed032afd2ef6aa8621f8cc1cd231b3094472cfa795d01b4f2

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 17 Jun 2021 15:22:40 GMT
Age: 0
Content-Type: application/json; charset=utf-8
Cache-Control: public, max-age=900, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160

GET
H2 200 116.7de05d8ed63e34b7489e.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 301 KB
98 KB 195ms
195ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/116.7de05d8ed63e34b7489e.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 05:51:14 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 16 Jun 2021 04:59:42 GMT
server: Lego Server
age: 0
etag: W/"60c9853e-4b31f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9436582284237518688
accept-ranges: bytes
content-length: 99853
expires: Fri, 16 Jul 2021 05:51:14 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 100ms
25ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 ads.json Show response
s.isanook.com/sh/0/ad/ 142 B
322 B 196ms
196ms Fetch
application/json 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/ad/ads.json?v=13532861
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 01:17:26 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 142
server: Lego Server
age: 0
etag: "5f9f831b-8e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-nws-log-uuid: 9736786333918209788
accept-ranges: bytes
content-length: 109
expires: Sat, 17 Jul 2021 01:17:26 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 74ms
25ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 97ms
31ms XHR
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=71964507749
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 62ms
24ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 32ms
31ms XHR
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=29897482388
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 24ms
24ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 latest.json Show response
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 116 B
348 B 206ms
206ms XHR
application/json 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/latest.json?1623943359219
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: df5748b46d35365a88c5de066e301538b0326e3ec1324300bfa160cc26abfdc2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
x-cache-lookup: Cache Miss, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 15:15:05 GMT
server: Lego Server
age: 0
etag: "60cb66f9-74"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 10874576605446412402
accept-ranges: bytes
content-length: 116
expires: Sat, 17 Jul 2021 15:22:39 GMT

GET
H2 200 ico-policy-2.svg
s.isanook.com/sr/0/images/icon/ 994 B
1 KB 200ms
200ms Image
image/svg+xml 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/icon/ico-policy-2.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 08:52:12 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 04:59:58 GMT
server: Lego Server
age: 27520
etag: W/"60c9854e-3e2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 13877502613606868662
accept-ranges: bytes
content-length: 994
expires: Fri, 16 Jul 2021 08:52:12 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 18 KB
3 KB 474ms
251ms Fetch
application/json 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

0d5a51d1cfd4c9c94ea57f6c8f1706883b9303735fffb5f72b229d5493417fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 17 Jun 2021 15:22:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
x-newrelic-app-data: PxQDWFFXAAATUVFSBAgEV1MTGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0tDTgcdB0hVBQUGWlBXWwBbAVsBAQ0LC0kbUAlQClJGGhVWXgIIAAhTVAMEUgZXVBMaVQMKEAdt
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sanook.com
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 979ms
249ms Preflight 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:40 GMT
Connection: keep-alive
Access-Control-Max-Age: 300
X-Cache: BYPASS
Vary: Origin
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security: max-age=15724800; includeSubDomains;

GET
H2 200 c
sal.isanook.com/sa/ 35 B
167 B 226ms
225ms Image
image/gif 61.91.94.132
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=539772019&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=470544314.1623943359&tid=SA-8147095-6&cd4=0&cd8=b&z=1778191641
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
server: nginx
content-type: image/gif
cache-control: no-cache, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 35
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 entry.js
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/ 0
10 KB 200ms
200ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/entry.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:26 GMT
server: Lego Server
age: 0
etag: W/"60cab7fa-9c11"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 875839063268966968
accept-ranges: bytes
content-length: 9914
expires: Sat, 17 Jul 2021 03:01:40 GMT

GET
H2 200 d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
s.isanook.com/sr/0/_next/static/chunks/ 0
26 KB 197ms
197ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3ea30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14021372230495716865
accept-ranges: bytes
content-length: 26020
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 0
5 KB 200ms
199ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"60cab7f9-47b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13278893679003751034
accept-ranges: bytes
content-length: 5292
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
s.isanook.com/sr/0/_next/static/chunks/ 0
5 KB 203ms
201ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3493"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 733539459380267830
accept-ranges: bytes
content-length: 4708
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 0
4 KB 202ms
201ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-2e2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15541007571414454761
accept-ranges: bytes
content-length: 3936
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
s.isanook.com/sr/0/_next/static/chunks/ 0
47 KB 197ms
197ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3519a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6467218478745905015
accept-ranges: bytes
content-length: 48378
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ 0
4 KB 217ms
203ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-3c2a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14333340930716525696
accept-ranges: bytes
content-length: 3643
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 0
3 KB 212ms
204ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:38 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: W/"60cab7f9-16bf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17396924592732227245
accept-ranges: bytes
content-length: 2659
expires: Sat, 17 Jul 2021 03:01:38 GMT

GET
H2 200 ffdaf678930dc5d9f5a44b4ea5ab5521d66095a9.0d563f91b1e6dae195d3.js
s.isanook.com/sr/0/_next/static/chunks/ 0
4 KB 209ms
204ms Other
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/ffdaf678930dc5d9f5a44b4ea5ab5521d66095a9.0d563f91b1e6dae195d3.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:01:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 02:48:25 GMT
server: Lego Server
age: 0
etag: W/"60cab7f9-474f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14062820703426937785
accept-ranges: bytes
content-length: 4248
expires: Sat, 17 Jul 2021 03:01:40 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
682 B 108ms
51ms XHR
application/json 23.37.38.181

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212e37181ee3779b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22136049b5eb7cb74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 788113b5149e8260aecd7fc881e07f3be400bf8ae53f04135f54d46e0d9d5d17

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.sanook.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 43
x-ak-client-geo: 12
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 172 B
559 B 93ms
37ms XHR
application/json 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=24039288-1798-4edf-807b-f4456702811c&nocache=1623943359557&aus=300x250&divIds=rgpt-recb-4&auid=542511420
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: ae0940a8bbb0d579de4f4cdfb221b8addc01275d7d1327c06e00689f42a22c29

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content hb Show response
rtb-eu.andbeyond.media/ 0
266 B 123ms
23ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:39 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 186ms
185ms XHR
application/json 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e6a40ab2403813d5a0a4eaa2156a8514276bff4df070c9211e10960151878276

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:39 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 10b41a30-4cf9-4912-a43c-97bffc500233
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 70ms
70ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
362 B 102ms
52ms XHR
application/json 184.30.21.51

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 17 Jun 2021 15:22:39 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 45ms
44ms Ping
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
303 B 13ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 12 Jun 2022 15:22:39 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
303 B 14ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 12 Jun 2022 15:22:39 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 144 B
397 B 34ms
34ms XHR
application/json 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=30510815678
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: afab4cddb39ebfcfd288a219afa7f3d2713c0f23c7469506b235b9a90a8ebd31

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 148

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 37ms
16ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
16ms Script
application/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 68ms
68ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=4006038205094527&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359635&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=345054422&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

56350012a78fa8493bcb38fe6e0e06a29c70582ed2ab2d45a6babdef2b195c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4377
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138336206208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 61ms
13ms Other
text/html 2a00:1450:4001:811::2001

General

Check archive.org

Show headers Download Go to

Full URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 79ms
79ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=142233099096013&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359645&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2209700283&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=132&ohw=130&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

16b6712bb0e8b96ef51ee1898e487bbf652b4ac82436e77efb82bbd73106cbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5123
x-xss-protection: 0
google-lineitem-id: 5610434112
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339427655
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
430 B 55ms
55ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=2565508784608742&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cthemead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359652&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=362149050&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

170c0ad9b955a9af6dc766e12b8a199e45d9d58769ed8114774720fb147f74b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 173 B
361 B 76ms
75ms XHR
application/json 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9fe99334-e563-4363-b412-95e0ffdbb47f&nocache=1623943359662&aus=1130x250%2C1090x250%2C970x250%2C1x1&divIds=rgpt-billboard-6&auid=542511408
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 9cdfcda365e1b66d3f880c979ac8cdc83e178cef320c33c75f53b55f3e3c1c18

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 78ms
75ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 400
Bad Request hb Show response
rtb-eu.andbeyond.media/ 32 B
300 B 44ms
27ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:39 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 32

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
602 B 86ms
86ms XHR
application/json 23.37.38.181

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223172be0464ad2e3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22328651b25c92cb2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22336baf933e80bea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223484b8bed28dd2a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235f27dea3ad560f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 07a4456a253eafbae8ca967f6d8d80c531d8140f55b767aabf9bfcc32255a381

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.sanook.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
x-ak-client-geo: 12
expires: Thu, 17 Jun 2021 15:22:39 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
247 B 51ms
51ms XHR
application/json 184.30.21.51

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 17 Jun 2021 15:22:39 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 40ms
40ms Ping
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 60CC 2 KB
1 KB 70ms
41ms Document
text/html 2606:4700::6812:d841

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn.izooto.com
:scheme: https
:path: /scripts/sak/iz_setcid.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2139498
expires: Sun, 18 Jul 2021 15:22:39 GMT
cache-control: public, max-age=2678400
cf-request-id: 0abc2a44e4000005d4822ce000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 660d464e3d4e05d4-FRA
content-encoding: br

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CE5B 38 KB
14 KB 25ms
24ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=122552
expires: Sat, 19 Jun 2021 01:25:11 GMT
date: Thu, 17 Jun 2021 15:22:39 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 436B 38 KB
14 KB 26ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=122552
expires: Sat, 19 Jun 2021 01:25:11 GMT
date: Thu, 17 Jun 2021 15:22:39 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CA70 38 KB
14 KB 27ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=122552
expires: Sat, 19 Jun 2021 01:25:11 GMT
date: Thu, 17 Jun 2021 15:22:39 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8C1E 38 KB
14 KB 27ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=122552
expires: Sat, 19 Jun 2021 01:25:11 GMT
date: Thu, 17 Jun 2021 15:22:39 GMT
vary: Accept-Encoding

POST
H/1.1 200 617.json Show response
id5-sync.com/g/v2/ 213 B
532 B 160ms
55ms XHR
application/json 51.89.21.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

6c44405ab70a28ddb28bb5930646a069e59076fcd530ac435f6350f14a1ead72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.sanook.com
Date: Thu, 17 Jun 2021 15:22:48 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 77 B
823 B 152ms
47ms XHR
application/json 52.30.14.23

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4145b1c3dc67dbf7e7633324f42330d2467ccb902d874494695567ca2dac42f0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.30.201
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 77
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 150ms
45ms XHR
application/json 13.248.242.197

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN (),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: be5f112e2769401e53cb3336a1ff34d48469c5b2a8a2f3940ae41c725bd0d19d

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 17 Jul 2021 15:22:39 GMT

GET
H2 200 2021-06-17.json Show response
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 35 KB
5 KB 229ms
228ms XHR
application/json 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/2021-06-17.json?1623943359219
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: cc139102469d1642b0d6deb4bbdb6ac89a2ba409d24c24a96ed6bfd288072c9a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-cache-lookup: Cache Miss, Hit From Inner Cluster
last-modified: Thu, 17 Jun 2021 15:15:05 GMT
server: Lego Server
age: 0
etag: "60cb66f9-8b26"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 12836795391146496623
accept-ranges: bytes
expires: Sat, 17 Jul 2021 15:22:39 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 156ms
144ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 107ms
94ms XHR
application/json 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b02098980576153147ea9762d8aeaaec7447decca7bddc419a1e7b333583de46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:39 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: 35541c9a-f538-47f3-8400-206ebe93acaa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
602 B 69ms
62ms XHR
application/json 23.37.38.181

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224736102eb8f31b6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22484b5cf66338d5c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22496a49c42e0a448%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250fb39a5b4590ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 99d6a9fabcf841ba995fe8b71f1c9c1e960f6df646a0e73cbdd08fb1f8913e69

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.sanook.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
x-ak-client-geo: 12
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 173 B
357 B 99ms
94ms XHR
application/json 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2f50c01f-d463-447b-b9aa-0b8ff13a902a&nocache=1623943359737&aus=300x250%2C257x240%2C300x125&divIds=rgpt-reca-8&auid=542511420
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 97dd2b26c7e555d537095fb4147d2d8cf99fd87e8135246b92dbfa1acb62d913

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
247 B 67ms
64ms XHR
application/json 184.30.21.51

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 17 Jun 2021 15:22:39 GMT

POST
H/1.1 204
No Content hb Show response
rtb-eu.andbeyond.media/ 0
266 B 27ms
25ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:39 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 63ms
60ms Ping
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN (),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.sanook.com
date: Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 376ms
325ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=2152303294896701&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cnative1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=257x240&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359761&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1088&adys=1797&adks=2250919550&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=257x0&msz=257x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

97072232e06c3504d24e712480dc926fedf5c77a8c23737c673982ebcb725540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10223
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5968 668 B
723 B 44ms
42ms Document
text/html 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 1acc2adcaf6ce530c15df6381743228c4f04c87001bec4e9f2b5fb9bd7f4ac08

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=497fa801-dbaa-0d8d-34a4-290f41306f18|1623943359
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=497fa801-dbaa-0d8d-34a4-290f41306f18|1623943359; Version=1; Expires=Fri, 17-Jun-2022 15:22:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623943359|gekin0vNiygu; Version=1; Expires=Fri, 02-Jul-2021 15:22:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.209.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 17 Jun 2021 15:22:39 GMT
content-type: text/html
content-length: 411
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame B9B7 2 KB
1 KB 91ms
24ms Document
text/html 2.18.234.21

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sanook.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 17 Jun 2021 15:22:39 GMT
Content-Length: 1151
Connection: keep-alive

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 527E 0
0 58ms
55ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82rgK6UPA6WrmV8Wf_nejjg8h2wJDkjbRbFo8tgyzHbFDdzd1_F7lRtakzVUlgMv5VxJ24OqsKREy5D-9dxpp3LxL6ovzrRZIeUOcwqa18eeIDnCJRVK3VgJSCkUedWeG-pwHatYWrARQ-ZzlZjEpiOr5P_XrJXWPZOcPgV4hK5hTXoU2wyIB0KJF_GrTHfTeLkbn7g48nthoMyH5iJRy0T3kt84-R0z3xOzHX0yasIg9dbVkkr5_eczXo_NVXQZ-SfawB1okXltx81_BZP8O77OQFuOW-WirJG20eni-C7MNsmb0pMSvhokeeNILmbDWXjwcNeRAMjo&sai=AMfl-YTRDVPTFkt2TTHVFmI2c2xIgJUKqSIjdpVEjqZeDnhmui8JWZeGK7nRXDLr3_x4Lb1bbEFvQuFE0x_MxeoC4xNzK5D0o6ISPjwFvrdXTr1Q36Unj_-fBa0KEA6Mtlhq&sig=Cg0ArKJSzOsEGln1pk8cEAE&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 527E 63 KB
21 KB 57ms
54ms Script
text/javascript 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

d14abb44a7716fc2800014e868021b15da2b75db9703de98e54ed31de56a4241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "905 / 757 of 1000 / last-modified: 1623928601"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21761
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 527E 122 KB
37 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E81 0
0 59ms
53ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuN5DUbpKWd6TJSrL5bZ_e-oQlSeuzPsgUD2FR-rgTmqDaRNdjIqXiqrtEeFGKPrG6ElZwttH_AkW-CHmoG88qa0CIeSP-8nOJmJiO8RHVlwbtXdZKm_PP0x5J9oTq-J2aMPCzDvoW1QZwM7s6YyX4zCH1h-134RMZPAXUUWsPHKq6Ytv-SPKb4ShEOgbLwMfs6z9aKdECl7LQl5edBuvt0UUrcdxeJWCnpL3H6joJRF2e67kWqzTnTpfN1Lh99hsZxGETRT8JgiLRjd1YeHVPXJlTr2ims24WrhwWpbaD5K2uy1SUbBZPplPDrJnZsR5yFNFPc6ESHuPbLqM&sai=AMfl-YRUYIBRtYfYpIF1E4M2jS2WDVT8CytGaVtBL4s4KF4-y_oyfZoV6F09Lfrato_BXLWmXG4iTiRpbcZpVCnvu4f1p0vLxcTNf-PtgqUxLj_9er0-MPjTt6WY35G1GBM&sig=Cg0ArKJSzHv9DZEwbT4EEAE&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E81 122 KB
37 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:39 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 2 KB
1 KB 257ms
249ms Fetch
application/json 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getJooxBannersQuery&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%229d7bf40fa4e39e4e741ae8d00d5c35059c84ee45%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

346b47cc32af221672e98b0ec2811bc32b5cc578fe7de77118d80e1cd6d3e294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 17 Jun 2021 15:22:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sanook.com
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 696ms
283ms Preflight 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:40 GMT
Connection: keep-alive
Access-Control-Max-Age: 300
X-Cache: BYPASS
Vary: Origin
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security: max-age=15724800; includeSubDomains;

GET
BLOB 200
OK 21a7bda6-7e0f-4297-9e46-1c3f7822ed96
https://www.sanook.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sanook.com/21a7bda6-7e0f-4297-9e46-1c3f7822ed96
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 558ms
556ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=3971575866882168&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250%7C1x1&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360034&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=75&adks=2010139517&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a6bcc9a15c4f7b2e65d2b24ef72efa9e373791cf4bd9576c78a9c53009a9aadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8707
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o_1eu83pcof1g21aqe4nv1n1g3gib.png
img-as.fsanook.com/files/uploads/ads/dfp/20210211/ 32 KB
32 KB 81ms
22ms Image
image/png 101.33.11.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20210211/o_1eu83pcof1g21aqe4nv1n1g3gib.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.45 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: NWS_Oversea_AP /
Resource Hash: 60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
last-modified: Thu, 11 Feb 2021 08:37:07 GMT
server: NWS_Oversea_AP
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 844a7cc2-fd43-4cd3-90de-7c3479d5af8f
accept-ranges: bytes
content-length: 32418
expires: Sat, 17 Jul 2021 15:22:39 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 519ms
517ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=781487305346815&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Crecb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360085&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=1863&adks=3963815495&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

896cf85f87c399105e58561f2c31b353ef3fc91b6180d5cb92ffa376a723b371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12960
x-xss-protection: 0
google-lineitem-id: 5609315470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339156757
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6489 52 KB
17 KB 71ms
22ms Document
text/html 151.101.113.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sanook.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1807299555491511333; icu=ChgIvrdKEAoYASABKAEwv9GthgY4AUABSAEQv9GthgYYAA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Jun 2021 04:37:16 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 17 Jun 2021 15:22:40 GMT
Age: 38724
X-Served-By: cache-lga21925-LGA, cache-hhn4046-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 775649
X-Timer: S1623943360.171775,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9862 52 KB
17 KB 61ms
16ms Document
text/html 151.101.113.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.sanook.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=1807299555491511333; icu=ChgIvrdKEAoYASABKAEwv9GthgY4AUABSAEQv9GthgYYAA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Jun 2021 04:37:16 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 17 Jun 2021 15:22:40 GMT
Age: 38724
X-Served-By: cache-lga21925-LGA, cache-hhn4066-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 773253
X-Timer: S1623943360.166820,VS0,VE0
Vary: Accept-Encoding

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 769ms
767ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=3601496744186260&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360122&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=924&adks=3191418387&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ce0a25dc618c0bfbc4bd472a7ffad89c9c2f386b3f0d9e396b0a70bced07ed26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8537
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9E81 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c28c0bea0fa5730a0a1c07a00d822c5cfcbba07c9619f92595f733f4732a761

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E81 0
0 83ms
55ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurHgLWAWZzqsm43rCv32XzH-tnqpcdBDju0n3G3LQq0SMu7qHo4ci5awRug6iHvKpv8lN8aFXZEGQTA7SIXscSjzvu1-wWzy0mBIUawwz9noXxbx3urVL5UrrnNWxPe1UZSACoa0icvMN51hI_SXQd1pgWFfi3e-Nm6xJnVdBPXl5dTtIgON51cNJaaZ0HPcrkKpoO-rmAnLuALMW4hrQ3cWsTKg5atYOv5r-tkgXmuoWJGhqCFbxTwwoUzKsGxX0oWuF_FGCSS2TRyvy2YHEddKCYhyIrkjxY-R2uD_3mzb7opmiRfPxg_d14780o3Ov88MPCypuaaksMQjR7TQ&sai=AMfl-YRkzoQKA32F4hKW-rIl5_mSBN9gOnq6NgNn3BO9ZqboKaER8tkgzfgZw5eag9a6_pNTkHY-bEllvNc4frWOX3itSYMcEJgIeu7D5feYQarcNXf_CbTq6EFtPV_Wwks&sig=Cg0ArKJSzCgZFaVmEM8zEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:40 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
0 67ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sanook.com&host=www.sanook.com&success=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 9552 191 KB
55 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 209602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552 12 KB
5 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 209602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552 87 KB
27 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 209602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552 4 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 209602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552 41 KB
13 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:803::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 209602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
DATA 200
OK truncated
/ Frame 9552 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15980f681ddb5e251b4e0ad65b79173af6f042e2d33edb41d496c3c276eb6a6e

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14006368914855997490
tpc.googlesyndication.com/daca_images/simgad/ Frame 9552 41 KB
41 KB 34ms
9ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14006368914855997490

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:39:30 GMT
x-content-type-options: nosniff
age: 463390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41929
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 05:36:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:39:30 GMT

GET
H2 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552 3 KB
3 KB 34ms
9ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 05:30:24 GMT
x-content-type-options: nosniff
server: cafe
age: 35536
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3306
x-xss-protection: 0
expires: Fri, 18 Jun 2021 05:30:24 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552 344 B
828 B 33ms
8ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 32689
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 18 Jun 2021 06:17:51 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9552 0
0 62ms
59ms Image
text/html 216.58.212.162

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj4x3v2jLYPOENN2KjuwP5bO7QO7Gm_lg_tLes5QK0fHzi-MXEAEgr9HbH2D1lc6B4ASgAdTsxskDyAECqQIcgMH2YQu0PuACAKgDAcgDCKoEwgFP0GRacCXdVzO18EsyXJZdPOFmZm4zL3q6DMbkmyR58BF_-qJiU2r8jKYqgVeMMZZjRBbDwd3AdLiME2WoHc8vfJDXnBRM4POMVzerSkbc8msc_QqH8q9ePfAqzEG1CHIOm0yxIU7GAYLp97Uf1kePmupnSmulPb3myGuudIpTwrElnklmiOk_Bwbb04H9-Hs51S-4ADv4Vw5RLJf7cI-bipA4jclGAdOpqTRgXq4BvE4_8FbzI3XclfBgWQWshfhPjcAEv4zKgZ4C4AQBkgUECAQYAZIFBAgFGASgBgKAB5STuTaoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQjOsH0ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02MTY3MjM4NzEyNzI5MDMy&sigh=1e0vQ2NFKzo
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 1153 8 KB
3 KB 265ms
264ms Script
application/javascript 150.109.206.145
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
etag: "582e8029-1e6a"
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 17180741765063747599
accept-ranges: bytes
content-length: 2483

GET
H3-29 200 pubads_impl_2021061505.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 527E 326 KB
114 KB 63ms
48ms Script
text/javascript 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

097fd71be450d266fde4a961b060bbe7e758e051c2a06c7888e444b96ea67d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:12:59 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:40 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CE5B 4 KB
4 KB 121ms
39ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17440466&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 678bca8a699320e0bd46136b88ee78c9e5525d9f81a809383e8b6a909fcede5b

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:38 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5968
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187

43 B
106 B

40ms
28ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 17 Jun 2021 15:25:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:01 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5968
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z

43 B
122 B

57ms
50ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 5968
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22

35 B
376 B

45ms
40ms

Image
image/gif

37.157.2.236

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=22

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: nginx
location: https://c1.adform.net/serving/cookie/match?CC=1&party=22
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 5968 70 B
264 B 48ms
47ms Image
image/gif 13.248.242.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=9ad39758-722d-327a-6e72-e1e725175ce5&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN (),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5968 170 B
243 B 106ms
53ms Image
image/png 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjZiYzQ0OTItYmI1YS02Y2RlLTdiOTItYmI1ZWVmZjU5Mjg1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5968
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame B1B8 2 KB
3 KB 123ms
59ms Document
text/html 2.18.234.21

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 391b9bd107cd37096dc2ed770bb52e4f34d577f54dee4319f563ea482ce6f8b6

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMtov9QCPYvO9ae5qL0nGgAA; CMDD=AAjC5AE*; CMST=YMtov2DLaL8B
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|221|176|196|3
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1751
Expires: Thu, 17 Jun 2021 15:22:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
Connection: keep-alive
Set-Cookie: CMID=YMtov9QCPYvO9ae5qL0nGgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 17 Jun 2022 15:22:40 GMT CMPS=3269;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 15 Sep 2021 15:22:40 GMT CMPRO=1203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 15 Sep 2021 15:22:40 GMT CMRUM3=e660cb68c02760&dd60cb68c02760&2760cb68c00b40&2d60cb68c005a0&b060cb68c005a00&c460cb68c005a0&f160cb68c005a0&0360cb68c005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 17 Jun 2022 15:22:40 GMT CMST=YMtov2DLaMAB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:22:40 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:22:40 GMT

GET
H3-29 200 container.html Show response
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E66 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:811::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Jun 2021 15:22:39 GMT
expires: Fri, 17 Jun 2022 15:22:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33C0 0
0 60ms
59ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNgoQjK7e7oJ0ps1uhJciZlbX7EzVaa7-ZQdobtBCw3GtZgiBmM8R3MMO76JLPgfe16vabzm8DivCNd_c_v8_0hSiQyBK3JNiyM6Bd2nJJF2kZScuCa2EOZvcxBwzLdRJQ8TwVPrcmcoKPR-qukeKjZMLypnNUnstbof3ZM_o5wMd4dVyW2WTmAm8s9OUfHe2KP4EsEYZaOWi-xe1JHBhS_UCjgxVgLFM8zf9cscx_I_1oGLJb5nmmJVLo1OX-zYShwvvAP0iY4seTucRd5JW7mf1XPKqR4Qy1SmRvccK6kXviEKluUBOjppmtVU8IxLD7C6A&sig=Cg0ArKJSzJ222hVtfXFOEAE&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame 33C0 17 KB
7 KB 45ms
6ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 13534463047637254567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:10 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 33C0 3 KB
1 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:18 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33C0 122 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 33C0 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFFepzTJlylJraSDNXdlkF-N5nD7DCdjyOPjhUVR14_vssyOCZ2v4zoAf5OQcb4HVbh7Nkn80Hap_0UZhmF5t8aNmXkA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 o_1etk363k81t221erpke817mdpb.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20210203/ Frame 33C0 79 KB
80 KB 25ms
25ms Image
image/jpeg 101.33.11.45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-as.fsanook.com/files/uploads/ads/dfp/20210203/o_1etk363k81t221erpke817mdpb.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.45 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: NWS_Oversea_AP /
Resource Hash: 5d23cbd2a9a33bd91cc49c18cec7e2ea6c1b0650c19c418d533c0c9083cad8e5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Wed, 03 Feb 2021 14:01:37 GMT
server: NWS_Oversea_AP
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: c54dbe8e-bd7b-4113-89f4-e02776060698
accept-ranges: bytes
content-length: 81060
expires: Sat, 17 Jul 2021 15:22:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9862 0
752 B 48ms
34ms Script
text/html 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid: 58f09654-7545-4fde-9db2-6bf197fe6a91
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame B9C6 35 B
467 B 43ms
39ms Document
image/gif 37.157.2.236

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:40 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=4481914123120438595; expires=Mon, 16 Aug 2021 15:22:40 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2329
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801

42 B
518 B

116ms
31ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_1101=23040-6974783621786957973; PugT=1623943360; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-4690034062060225801; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PugT=1623943361; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat: lhrpug011:0:309
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 28D9 43 B
347 B 138ms
33ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 17 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1196
date: Thu, 17 Jun 2021 15:22:40 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B171
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973

42 B
520 B

97ms
27ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=AE364A24-AEF4-4146-A1D8-E917BB7839CF; chkChromeAb67Sec=1; DPSync3=1625097600%3A201_197_219%7C1623974400%3A174; SyncRTB3=1625097600%3A56_54_8_22_220_13_161_81_55_3_166_21_7_71%7C1624492800%3A223_15_2%7C1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:40 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6974783621786957973; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:40 GMT; path=/ PugT=1623943360; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:40 GMT; path=/
x-lat: amspug002:0:367
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6974783621786957973; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 2CAD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

37ms
37ms

Document
image/gif

52.209.246.140

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN (),

Reverse DNS

ec2-52-209-246-140.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AACdl07BltIAADHiFrJ8dQ; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 17 Jun 2021 15:22:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 17 Jun 2021 15:22:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
set-cookie: IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s; expires=Sat, 17-Jun-2023 15:22:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rjZKJK70QUah2OkXu3g5zw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

37ms
35ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=122489
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 19 Jun 2021 01:24:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187

0
369 B

104ms
25ms

Image
text/plain

185.64.189.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 17 Jun 2021 15:25:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:01 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame CE5B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=AE364A24-AEF4-4146-A1D8-E917BB7839CF
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=3c59c16a-1a06-4cb4-be13-f1834f838c79&icm
https://spl.zeotap.com/?zdid=1332&zcluid=3fff020ad3aeb4a2
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0...

95 B
188 B

92ms
90ms

Image
image/png

2606:4700:10::6816:1957

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 660d46624a9116e6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0abc2a516a000016e6b50cb000000001

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzNjRBMjQtQUVGNC00MTQ2LUExRDgtRTkxN0JCNzgzOUNG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

98ms
33ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:594
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1

42 B
280 B

98ms
32ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:456
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CE5B 43 B
611 B 121ms
24ms Image
image/gif 159.253.128.188

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN (),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 16 Jun 2021 15:22:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912

42 B
233 B

25ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:477
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=

42 B
340 B

37ms
34ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 17 Jun 2021 15:25:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:01 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec

42 B
292 B

46ms
34ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=

42 B
209 B

99ms
32ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid: 1198be37-0fb0-46a2-b7b3-20b8251cd984
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AE364A24-AEF4-4146-A1D8-E917BB7839CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CE5B 43 B
837 B 127ms
31ms Image
image/gif 2a00:1288:110:c305::8000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/AE364A24-AEF4-4146-A1D8-E917BB7839CF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/58292/ Frame CE5B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true

0
584 B

30ms
29ms

Image
text/plain

18.156.0.31

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Thu, 17 Jun 2021 15:22:40 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X

42 B
270 B

127ms
32ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4

1 B
390 B

48ms
25ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:452
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623943361.119308,VS0,VE0
x-served-by: cache-hhn4059-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame CE5B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

43 B
145 B

30ms
28ms

Image
image/gif

35.156.158.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.158.150 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=

1 B
342 B

45ms
34ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:411
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame CE5B 0
104 B 116ms
63ms Image
text/plain 2a02:fa8:8806:16::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

26ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:39 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:341
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=

42 B
231 B

34ms
31ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:372
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:40 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6489 0
752 B 48ms
33ms Script
text/html 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: e4152977-f16b-428d-a9c3-874561c4c3bf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9552
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

17ms
15ms

Image
text/html

2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 527E 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 527E 418 KB
22 KB 81ms
81ms XHR
text/plain 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=505708472549781&correlator=2895267664139148&output=ldjh&impl=fif&eid=31060439%2C31060783%2C31061040%2C31061279%2C31061422%2C31061481%2C21068110%2C31061004&vrg=2021061505&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D4f93ea7983d9efb8%3AT%3D1623943359%3AS%3DALNI_MZUzxxtEaWwd6tOXOlp3IrMUC19vA&cdm=www.sanook.com&bc=31&abxe=1&lmt=1623943360&dt=1623943360953&dlt=1623943359905&idt=971&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=vymszu8jnf6p&ifi=1&ifk=2895095238&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1723804817.1623943361&ga_sid=1623943361&ga_hid=241796544&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

62689a2ba5327bbf1d225f66c3de6506816831bbdb326864992abaab063e2a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22581
x-xss-protection: 0
google-lineitem-id: 5546075965
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138331849821
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 527E 0
0 34ms
13ms Other
text/html 2a00:1450:4001:811::2001

General

Check archive.org

Show headers Download Go to

Full URL: https://a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14006368914855997490
tpc.googlesyndication.com/daca_images/simgad/ Frame 9552 41 KB
41 KB 15ms
8ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14006368914855997490

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:39:30 GMT
x-content-type-options: nosniff
age: 463390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41929
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 05:36:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:39:30 GMT

GET
H3-29 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552 3 KB
3 KB 17ms
12ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 05:30:24 GMT
x-content-type-options: nosniff
server: cafe
age: 35536
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3306
x-xss-protection: 0
expires: Fri, 18 Jun 2021 05:30:24 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552 344 B
368 B 6ms
5ms Image
image/png 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
server: cafe
age: 32689
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 18 Jun 2021 06:17:51 GMT

GET
H2 200 container.html Show response
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C20A 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:811::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 17 Jun 2021 15:22:39 GMT
expires: Fri, 17 Jun 2022 15:22:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33C0 0
0 61ms
59ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6vNCYctGulQPUmkgBDGNje19E5CCpsOf_MwpFp047QK--T6MqeiC-_PLxrxGU5E8OXuAufNs5BNnEfvApvqilUKaPfQf3Geb12ykPUXD-CzT55_jtLlx1wlf60csruhUTB8nsjipkGYc7uQcOO3MCnq-PSopKOMU2ZbLviy9fBkqMvRucrDFNvHJJS4EskvY6ZTn57wohMho_ZRVOvvH5ON0r6SDiL8Dw9N1rf2WSmg5cnPn01qKK5XbPtcHGTCQJoOviHmDgz4N3gA4NsKlRB5DOu57y1rZNUbvOyfmnXhAORHL0GwcP3gT6LQfcBEMNCnXTAw&sig=Cg0ArKJSzBi5ediAFW4uEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
DATA 200
OK truncated
/ Frame 33C0 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51748a5942d66b489df0745ec6fb22fd8930d2b62fc06c448a1bd3168b5d99c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C6C5 478 B
251 B 24ms
22ms Document
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 17 Jun 2021 15:22:41 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E66 66 KB
25 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtl2X51e3HAK0NRHQ94m0GVYUXleu8-ktpZ72IJ8u1qTC9EnaxE00SarFszrDwCidHaqlYE4yJ48GOjLPu6w1SWaYpWM-Zf5nrJMdmBdtyvpZeFUiyPd81uOS5OM839TL3sKckXdZ-ydXW6JV4AGGMyPwFbw&dbm_d=AKAmf-Cg4o1eBLHPF-MbsYWdgM0cCXOnrcZFZes0-e0vzbXkXc9mg9MjAhsZpMs6jdarOxO-_1gKCcX_jyI3PGYyGNMexbUDd_swBHEPdgeroSepqCVw6x9XRl3nJ4u5fQWmx_5iMMvjRVdqBnJlaCKEzgX_cfR4ncvPBPFWWchBHZQJ-dP-RhKcG1xwiIUn_2yoQLHxztMLQK5pw181XuJoSdycUCm9VcUYfszoSK45C2pKhm4e68SFKN8Tj3IBIZji0GpdPK1WKONLeFohbknOjH1567RQmyuZYbh7KsfpH4GcYSrdoU1O0jf4eCzLNhIkQ6JlXo7tZ9ZRs_sSUmik9sOm1IOWbNYGz4-sI0msEAvBNcjNLnX1tIigbrYnfl2gJVHK2_Bdf_8jf0tY_yqomu7H3zC2OfTGzCCYVQ7bnkgTc9EJzC4zuUyuIBOjomiW9QjUq1mpYjDaB9F0BhrzSVfS45qEOjvTmiybQlFNZb8hkrf1isNOiu_TZL90blp9fj6Q95YoQtUkhdtE4u5WJwIqBJ1xPVBqbwkMdPkMJWuwFnU508IrpTmjZ773qKOLw7C76d0gaVEDHzO_7eLozDzE7psAP1IlZvfohuCQFHuqYjUsPjbbQiKGpqICAGWGmcea9P7Sbqhi71kTyDmnnAozsW3ltOnPaaGEfjC3sDIv0XITLddfJY5y7bkKoT3KhsEmcN7pWBzJYEWtESvksWJqkj07K9hN1kp01lUaeNq10ugL3Pkbp40tuEaLSYXy2TLYJkey6YVvsPIVc6IMOvM0KjONNqMgwgmQ5DB4YiF65GCjgTsz30S_LIB1t7XvuV6enJB_OT0udVzdq1e445BTs5UVUFxuNQEL_UvuEx2wnfoGvQ96UocatrFtNUchozR3eEL20qPpQ_hRDb3nLVe16n1ko3kxKeaOeOrbtDFQtbR26vSXKVD_i2ElmUOodyxto_Rhz94oQ6UzHM6CMuMy6ExpJ3nBnQXTSjDYGlhqcdghMwndOCgLIeQJKNb3Fiys9qkHApavGe6pVu2_olmiVTDZMw9sJT3OZuJSY_7DnKvmKrb6OUYD688Ylg6-bPqmsOcp5wzKBkEXBPEw-gcE4mcN3HQh2qIUfGl19idChLOsSLZ33jdpU7uHmwXan7JQJ3lamHK7-t0uOkGJoG13mASqGbUzd5lk9yf1l6-IplX4FiHZSrS6COnWWGVpS0vTpmXOF-7zU8jDTHXoNK7NOJKgSFhzt-RrvwQBJ4hkvzxt-xcgTlZp8NJK_GWNSlsimoPJhmrqzRCvusxVahCb1ysfH3IjTjp6kBTmSznMattPNdz7kWL5zSjRxc5UXnpPg-8fX593Gims6EiTuoYxp6gHRy3ct_wPuaq34LT24_iumkkwu2ViCmSAcVjanj8WfS6sfM4AhvHUD89dbB-FSFaI25UF7ciaNe-ndzcx3Y94X0RvAYWtwOpfd4Whke0D_3StVRtJaG2FQQYqHK_cnfUPEQIkIwpImJFgfrHatPP1Lbb4zp3kM0Rsc4IgEbQZSkg_R6DLMffZVntQ2lzV53Z9HPy3jMNzr1BlnTY6TAYblyWLUfSdFUSR0w3XjVmrqqNyQ0PRhFpI2YQ_4Y_aXGrh2om45hXE4Ih_Xwq6CyrP8vOzB23xveF8zCBiXBoG7Hx-I5sD54bRFp_FQdEoNc964r3wLRhLS3BAA3sZ5BhV6a_qJ1-54xLdYquazvIrX5LmR7Q2xKJfTra42tRrHCUNEYzXksMl8wqJTTrt0pCp5Q2fuyxXwZ5OZOKJprdmJSagls3u6FNhbT9zlfTTEOhecrST4V0DHgo9GklTKd3THCtK2nBYtCbRzyERelHVTjjROjCSpPYx9KWI3dW8PeUL0biq_SHpjXL-YTfsycpa77m9uEfxXm-j_JzA6bQpWMrYxLfZ-bHbWcZj1Fpwp_FBCZ3RXirGDhW6wuXcxbaZkEeLt14eXpOJEh3tXI6o61sKId8iMlLSkIv_tCmccnw2RooG-CjMZa_JV8zvtkcCh3M-fs_HOLNxlm3iNcUK-DpK-fTABZEAhsG5lWzkZgRrwhsk_tsiPLSbRgO9B9sJ3l0WKCqOsKnQ99mUcQrjN8lzRUtpQRunJrMYki9mF-sgJ7ewfktXaEa-ehWN5L4QS-pPXlgC_7F5ZaUJzviOap0ltYsizYB-tsGgv-Xx9hAxVvlhfBZ0xckIT11HPXU87pwfOJD1RaRy0zfDiOnSn5C2Eh8SNRdDTELd_wcJyqdyKgArEaXUyqg0XzsyfdkBv8y5D52XYOu3roVbC-sSmHJgjEWI7OkuNWcQzjeAeK2uVBt6wpJAAXwbEwI9f8wmKVo02rIgz_o45iF7r1aEy-DETwDUmLF9zPsKhQ_2CkgGwaGqU7dyawoE8vHFyYH1CY7Y4Zw77AaWwI-FDVxk3mXlQC4G_zywOSaCK-ibRfGBZOBBEP-cr7A0qc0j_Qn4OB3w0bUSjULW8536UrrYSu4f2cehyUKuKbZmHxnnizJ1MZYuLEz6qN_XcsL94gE-Vpvj2bEO8Y-db4Yj1DqNVzTE6Wv6HYye14LOoU-c59cDSDyZvp_tIYZeU5Z5J8SKJdg5CknvDDX4b-pbXZNW4quVBrivy3rQB8Lqw7DiPky97QbNUXp3jpn1jhXIOJVIM8Wfr9hRKVdqD7dob6B5v8aKEX62RnTLQ8mAXF27KELCXlTr-mu7yl0vwGKcORgVgra_XUDDxPhgYyfiuBbeEvQGvdWmWwxQi_qlyKCei2Em6meGUcw1sI2ZNOP9Ic2BY1aieduoAgkCB6HWcatNmfbHE-gGHkOhpy5QzBFNx1y0MvKsnjXohNkDchum9qm4Mx0qpx6bW5B9NLziDVDZIsjIYJPBt6EF8ccknm4SaqlKrnrLOHobicMzGTHqPjqEiII50Dtt7DKy4td7QL2MNub99cS-i1ckbraSPpWs51zmkw&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f4531c23652f58a8c6e1bf3b03517515df38ebdd06ac48f69432ac02bca3b5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26005
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E66 42 B
110 B 45ms
44ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DiirzhfbjnH9sAJZp1cbYg2591qJLWtrOEct6OjYpbYgYpYPfxbd636dI47YlWy-oesGkHVmFbvPy9L4XByprPVh89EnGyJEnUqWtkguyhjTijoYM

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 3E66 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E66 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 3E66 13 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:07 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B1B8 70 B
264 B 63ms
43ms Image
image/gif 13.248.242.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMtov9QCPYvO9ae5qL0nGgAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN (),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&cm_dsp_id=85&ixi=1&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMtowX6-fDkfLuTo.m8DqwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2

43 B
931 B

44ms
34ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B1B8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t

43 B
720 B

158ms
150ms

Image
image/gif

72.21.206.140

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN (),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame B1B8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1

43 B
315 B

35ms
34ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tpid=YMtov9QCPYvO9ae5qL0nGgAA%261203
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame B1B8 49 B
265 B 81ms
45ms Image
image/gif 52.30.14.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMtov9QCPYvO9ae5qL0nGgAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.196
content-type: image/gif
content-length: 49
expires: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame B1B8 0
44 B 350ms
104ms Image
text/plain 169.197.150.7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:40 GMT
content-length: 0
server: b

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60cb68c155db9&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9

43 B
904 B

42ms
36ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

date: Thu, 17 Jun 2021 15:22:41 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0

43 B
1023 B

42ms
35ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

Date: Thu, 17 Jun 2021 15:25:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:01 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame B1B8 43 B
425 B 44ms
25ms Image
image/gif 2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YMtov9QCPYvO9ae5qL0nGgAA%261203
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:41 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2761
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 16:08:42 GMT

GET
H2 200 disc.png
s.isanook.com/sr/0/images/joox-home/ 11 KB
11 KB 220ms
198ms Image
image/png 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/joox-home/disc.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 21:32:19 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 16 Jun 2021 05:00:12 GMT
server: Lego Server
age: 0
etag: "60c9855c-2d12"
content-type: image/png
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 13608978084457184339
accept-ranges: bytes
content-length: 11538
expires: Fri, 16 Jul 2021 21:32:19 GMT

GET
H2 200 logo02.png
s.isanook.com/sr/0/images/joox-home/ 592 B
789 B 402ms
397ms Image
image/png 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/joox-home/logo02.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 4510c424b1e231feccf2d713061ef7b73829f075a9f91a75e49dd3556051d5a3

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:13:17 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 1821
server: Lego Server
age: 0
etag: W/"PSA-aj-glsbuxvdic"
vary: User-Agent
content-type: image/png
access-control-allow-origin: https://www.sanook.com
x-nws-log-uuid: 9952048680356691071
accept-ranges: bytes
content-length: 592
expires: Sat, 17 Jul 2021 02:00:38 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi8zLzYvNjQ5YTFlYTdiODlkM2M2OTJhMGQwYWMwNjVjZGI4MzYuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 54 KB
55 KB 384ms
382ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi8zLzYvNjQ5YTFlYTdiODlkM2M2OTJhMGQwYWMwNjVjZGI4MzYuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e1eea1640a99dad163f68e61551270bfe0548820de1463cf1acb8fe4e7c53c00

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 18:17:39 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 13161503496322788146
accept-ranges: bytes
content-length: 55678
expires: Fri, 16 Jul 2021 18:17:39 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi81LzcvYzRiNGQ0YTg5M2Y5N2MyOTY2MTA1NmQzMmFlMjlmNTcuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 37 KB
38 KB 384ms
381ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi81LzcvYzRiNGQ0YTg5M2Y5N2MyOTY2MTA1NmQzMmFlMjlmNTcuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 1955fdb95aa4534a05fee4a3084e36f30857e4f39d2ff5aca46f632928365d00

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 10:28:53 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 15396664129105005829
accept-ranges: bytes
content-length: 38298
expires: Thu, 15 Jul 2021 10:28:53 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9mLzUvNGIxZmZiZTQxYTQyMzQ0NTU2MjI3YWE4MDZhM2NiZjUuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 42 KB
42 KB 922ms
920ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9mLzUvNGIxZmZiZTQxYTQyMzQ0NTU2MjI3YWE4MDZhM2NiZjUuanBn.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 874abc6a94982dcf142e6b53fc1589ff578b760966a738766d5f0066c6741dbd

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 07:26:13 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 8413370367661260803
accept-ranges: bytes
content-length: 43273
expires: Fri, 16 Jul 2021 07:26:13 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOS8yLzhlYWVkYTY1NDUwZmM5NjQ1ZDViNjM4OGUyYzQ0YTkyLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 9 KB
9 KB 1191ms
1189ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOS8yLzhlYWVkYTY1NDUwZmM5NjQ1ZDViNjM4OGUyYzQ0YTkyLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 3d44c7e3f4a2a94bad0da6eb43938696afbc8f2a58cb8a74c71200875a0f8bad

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:13:12 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4997451025182869590
accept-ranges: bytes
content-length: 9203
expires: Sat, 17 Jul 2021 07:13:12 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYi8zL2NlYTYyMTk4OGJkYjlkZDI2ZTNlOWEyYTgwMjhlYmIzLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 5 KB
6 KB 1101ms
1100ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYi8zL2NlYTYyMTk4OGJkYjlkZDI2ZTNlOWEyYTgwMjhlYmIzLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 756a4617cc8422cc1474c9e67bcf9eec18604e0e4e4d4217a1384de409636b3b

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:13:17 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 15523486822218307410
accept-ranges: bytes
content-length: 5513
expires: Sat, 17 Jul 2021 07:13:17 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYS83LzY3OTIzNWY4OGMxYWVhNDJjM2U2MmQyNjRjZTc1NmE3LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 6 KB
6 KB 894ms
891ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYS83LzY3OTIzNWY4OGMxYWVhNDJjM2U2MmQyNjRjZTc1NmE3LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 4de2d3b0129049642fc1f0f54a49aa96e79de7c2e3ccf077c5da5ed21437eb79

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 10:58:57 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14687582097806041818
accept-ranges: bytes
content-length: 5950
expires: Thu, 15 Jul 2021 10:58:57 GMT

GET
H2 200 aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 9 KB
9 KB 368ms
366ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:05:49 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14432394755782312648
accept-ranges: bytes
content-length: 9021
expires: Tue, 13 Jul 2021 13:05:49 GMT

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 2 KB
1 KB 266ms
250ms Fetch
application/json 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getJooxSidebarEntries&variables=%7B%22channel%22%3A%22music%22%2C%22categoryIds%22%3A%5B929%5D%2C%22limit%22%3A4%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a93e9d353550365d8fc4242253f46aef6a8c21a8%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

e23a9250c7455b9e53738ce705913e613af48255184dba0b4847f7561d1a6c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 17 Jun 2021 15:22:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sanook.com
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 275ms
274ms Preflight 61.91.93.188
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),

Reverse DNS

61-91-93-188.static.asianet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.sanook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:41 GMT
Connection: keep-alive
Access-Control-Max-Age: 300
X-Cache: BYPASS
Vary: Origin
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security: max-age=15724800; includeSubDomains;

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E81 42 B
64 B 67ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfIi18B-FjuQ8eO90DhfJqnp964YtLCpAPZ_GtT6c7C16nUbrtW4KQ-q8MvFqJEpQodJP5sco-EHneMoXmMX6BN2b45XNt6xMuZaot2HQ&sig=Cg0ArKJSzG4NVlCKnmFIEAE&id=lidar2&mcvt=1184&p=344,108,789,238&mtos=1184,1184,1184,1184,1184&tos=1184,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2209700283&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943359955&dlt=0&rpt=414&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 527E 0
0 58ms
56ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrt_ZfCeXLZldgw83_IClsa3SScOTRVozL59dKAYSN1RBfq9QHXG5vLMb17vcTcY1GlGIbBELuludwvljRGHJMn53HsgSfLcY1DaRr6HHArQaSzQmUyoqt2OoQAlU1AZ0T_Oa_2vvHu4EXTyTrgB55k5GaPfiP5lJHFeMB8KLzHKx9ok9e2f1Y9SxzSMDJxQx3-YGRwlj9c-Sc1tPB9vNpHoMvvy9JFQGz0G7pSlw_OhUgRME0poNtG1w-xWM2uwK_2WqPelj-xYS0HZwhSWDaZsuI8cBtgYFiJCLwguNgtvPfqQ5bim1UPl0my6CGJkbleqC2ccE0GmDbIQ&sai=AMfl-YRPOWTZvbNmbsQZsjgJpt6Obc-KIW3KKl2hjSTJZ0DqKXXT7pKafeJCauO9-tu9lowIrJY1zA7jsPt_zTXy74U8nSs9WzY469jLlRYb1E1PEqmgjxUKFW-h823eI9I0&sig=Cg0ArKJSzAzTAXr86VEoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92F1 0
0 55ms
53ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBjkrqPfRg33zXFMnH6vumDaoxtHrawU3EJtwvXkGdC3fOR0rphxGaIvzLOrS7xay655ufqosrGUjfN_Pq4JUexcGlqbVLIXNz5-x19QwdZsrP-RHEMriAkgoS3omjVXec0foHrxbkBpZJKoVlyO-POBEebSpEe0_DonmWrfWT6az8CvZwpTMoUw2w_JEFkNS2dsWkSbM_Ns8bCmvmIQa4gvzEddUXH4uHSnm4SjPjuvORdm4Nf4nhBcnTOTAQJ1dwRVEAF-h0F0JW-lDCqrcseR5V_Eg6gls3DxTlz2bHmnnHbig&sig=Cg0ArKJSzMeTS2BERxSxEAE&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 92F1 85 KB
30 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:48:14 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92F1 122 KB
37 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 527E 73 KB
28 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 527E 10 KB
8 KB 20ms
18ms XHR
application/json 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061505&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f7b5d1e9db0177888752dd0c53ca76d1f2e94b4831052b5a3c465fefac7bf2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7970
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/722837/54927600/ Frame 3E66 48 KB
14 KB 183ms
75ms Script
application/javascript 52.17.202.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/722837/54927600/skeleton.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.202.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f0871f0a815917ca984a52c4bdb7834994310b382aca767fffc2ae96bf9cdfb0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
x-server-name: app05.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 3E66 111 KB
39 KB 78ms
37ms Script
text/javascript 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jun 2021 14:41:42 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/ Frame 3E66 8 KB
3 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtl2X51e3HAK0NRHQ94m0GVYUXleu8-ktpZ72IJ8u1qTC9EnaxE00SarFszrDwCidHaqlYE4yJ48GOjLPu6w1SWaYpWM-Zf5nrJMdmBdtyvpZeFUiyPd81uOS5OM839TL3sKckXdZ-ydXW6JV4AGGMyPwFbw&dbm_d=AKAmf-Cg4o1eBLHPF-MbsYWdgM0cCXOnrcZFZes0-e0vzbXkXc9mg9MjAhsZpMs6jdarOxO-_1gKCcX_jyI3PGYyGNMexbUDd_swBHEPdgeroSepqCVw6x9XRl3nJ4u5fQWmx_5iMMvjRVdqBnJlaCKEzgX_cfR4ncvPBPFWWchBHZQJ-dP-RhKcG1xwiIUn_2yoQLHxztMLQK5pw181XuJoSdycUCm9VcUYfszoSK45C2pKhm4e68SFKN8Tj3IBIZji0GpdPK1WKONLeFohbknOjH1567RQmyuZYbh7KsfpH4GcYSrdoU1O0jf4eCzLNhIkQ6JlXo7tZ9ZRs_sSUmik9sOm1IOWbNYGz4-sI0msEAvBNcjNLnX1tIigbrYnfl2gJVHK2_Bdf_8jf0tY_yqomu7H3zC2OfTGzCCYVQ7bnkgTc9EJzC4zuUyuIBOjomiW9QjUq1mpYjDaB9F0BhrzSVfS45qEOjvTmiybQlFNZb8hkrf1isNOiu_TZL90blp9fj6Q95YoQtUkhdtE4u5WJwIqBJ1xPVBqbwkMdPkMJWuwFnU508IrpTmjZ773qKOLw7C76d0gaVEDHzO_7eLozDzE7psAP1IlZvfohuCQFHuqYjUsPjbbQiKGpqICAGWGmcea9P7Sbqhi71kTyDmnnAozsW3ltOnPaaGEfjC3sDIv0XITLddfJY5y7bkKoT3KhsEmcN7pWBzJYEWtESvksWJqkj07K9hN1kp01lUaeNq10ugL3Pkbp40tuEaLSYXy2TLYJkey6YVvsPIVc6IMOvM0KjONNqMgwgmQ5DB4YiF65GCjgTsz30S_LIB1t7XvuV6enJB_OT0udVzdq1e445BTs5UVUFxuNQEL_UvuEx2wnfoGvQ96UocatrFtNUchozR3eEL20qPpQ_hRDb3nLVe16n1ko3kxKeaOeOrbtDFQtbR26vSXKVD_i2ElmUOodyxto_Rhz94oQ6UzHM6CMuMy6ExpJ3nBnQXTSjDYGlhqcdghMwndOCgLIeQJKNb3Fiys9qkHApavGe6pVu2_olmiVTDZMw9sJT3OZuJSY_7DnKvmKrb6OUYD688Ylg6-bPqmsOcp5wzKBkEXBPEw-gcE4mcN3HQh2qIUfGl19idChLOsSLZ33jdpU7uHmwXan7JQJ3lamHK7-t0uOkGJoG13mASqGbUzd5lk9yf1l6-IplX4FiHZSrS6COnWWGVpS0vTpmXOF-7zU8jDTHXoNK7NOJKgSFhzt-RrvwQBJ4hkvzxt-xcgTlZp8NJK_GWNSlsimoPJhmrqzRCvusxVahCb1ysfH3IjTjp6kBTmSznMattPNdz7kWL5zSjRxc5UXnpPg-8fX593Gims6EiTuoYxp6gHRy3ct_wPuaq34LT24_iumkkwu2ViCmSAcVjanj8WfS6sfM4AhvHUD89dbB-FSFaI25UF7ciaNe-ndzcx3Y94X0RvAYWtwOpfd4Whke0D_3StVRtJaG2FQQYqHK_cnfUPEQIkIwpImJFgfrHatPP1Lbb4zp3kM0Rsc4IgEbQZSkg_R6DLMffZVntQ2lzV53Z9HPy3jMNzr1BlnTY6TAYblyWLUfSdFUSR0w3XjVmrqqNyQ0PRhFpI2YQ_4Y_aXGrh2om45hXE4Ih_Xwq6CyrP8vOzB23xveF8zCBiXBoG7Hx-I5sD54bRFp_FQdEoNc964r3wLRhLS3BAA3sZ5BhV6a_qJ1-54xLdYquazvIrX5LmR7Q2xKJfTra42tRrHCUNEYzXksMl8wqJTTrt0pCp5Q2fuyxXwZ5OZOKJprdmJSagls3u6FNhbT9zlfTTEOhecrST4V0DHgo9GklTKd3THCtK2nBYtCbRzyERelHVTjjROjCSpPYx9KWI3dW8PeUL0biq_SHpjXL-YTfsycpa77m9uEfxXm-j_JzA6bQpWMrYxLfZ-bHbWcZj1Fpwp_FBCZ3RXirGDhW6wuXcxbaZkEeLt14eXpOJEh3tXI6o61sKId8iMlLSkIv_tCmccnw2RooG-CjMZa_JV8zvtkcCh3M-fs_HOLNxlm3iNcUK-DpK-fTABZEAhsG5lWzkZgRrwhsk_tsiPLSbRgO9B9sJ3l0WKCqOsKnQ99mUcQrjN8lzRUtpQRunJrMYki9mF-sgJ7ewfktXaEa-ehWN5L4QS-pPXlgC_7F5ZaUJzviOap0ltYsizYB-tsGgv-Xx9hAxVvlhfBZ0xckIT11HPXU87pwfOJD1RaRy0zfDiOnSn5C2Eh8SNRdDTELd_wcJyqdyKgArEaXUyqg0XzsyfdkBv8y5D52XYOu3roVbC-sSmHJgjEWI7OkuNWcQzjeAeK2uVBt6wpJAAXwbEwI9f8wmKVo02rIgz_o45iF7r1aEy-DETwDUmLF9zPsKhQ_2CkgGwaGqU7dyawoE8vHFyYH1CY7Y4Zw77AaWwI-FDVxk3mXlQC4G_zywOSaCK-ibRfGBZOBBEP-cr7A0qc0j_Qn4OB3w0bUSjULW8536UrrYSu4f2cehyUKuKbZmHxnnizJ1MZYuLEz6qN_XcsL94gE-Vpvj2bEO8Y-db4Yj1DqNVzTE6Wv6HYye14LOoU-c59cDSDyZvp_tIYZeU5Z5J8SKJdg5CknvDDX4b-pbXZNW4quVBrivy3rQB8Lqw7DiPky97QbNUXp3jpn1jhXIOJVIM8Wfr9hRKVdqD7dob6B5v8aKEX62RnTLQ8mAXF27KELCXlTr-mu7yl0vwGKcORgVgra_XUDDxPhgYyfiuBbeEvQGvdWmWwxQi_qlyKCei2Em6meGUcw1sI2ZNOP9Ic2BY1aieduoAgkCB6HWcatNmfbHE-gGHkOhpy5QzBFNx1y0MvKsnjXohNkDchum9qm4Mx0qpx6bW5B9NLziDVDZIsjIYJPBt6EF8ccknm4SaqlKrnrLOHobicMzGTHqPjqEiII50Dtt7DKy4td7QL2MNub99cS-i1ckbraSPpWs51zmkw&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:18:37 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame 3E66 22 KB
8 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 1523618549969485492
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:18:32 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CE14 611 B
316 B 53ms
47ms Document
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 17 Jun 2021 15:22:41 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C20A 43 KB
21 KB 52ms
47ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

aa8ed414357cc5d42fb3b8530b68f3964b43bb585ffd80c65055a91af19c2b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21102
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C20A 42 B
63 B 53ms
45ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRcEyvyfzUtkA7tY3l3D4RtUwqwP0l0-Nqs51NXkrMP8kvhKjFSCGNsv1tHsaxsFw3S9XbOwnB8DO2xcYHcxYPgOon9UDCGkdd1Y-bS16-IKPFEKg

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C20A 3 KB
1 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:18 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C20A 122 KB
37 KB 44ms
39ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C20A 13 KB
6 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:22:07 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 137ms
30ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 132ms
31ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 131ms
31ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 141ms
41ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 153ms
53ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 161ms
62ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 161ms
62ms XHR
text/plain 185.64.189.226

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 527E 17 KB
6 KB 27ms
17ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame C6C5 170 B
188 B 33ms
30ms Image
image/png 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C6C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1

43 B
931 B

35ms
35ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C6C5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMtowX6-fDkfLuTo.m8DqwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2

43 B
1 KB

36ms
31ms

Image
image/gif

2.18.234.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 17 Jun 2021 15:22:42 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92F1 0
0 75ms
60ms Fetch
image/gif 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs22fVnjVG6sGQRJ3v5wIvi-REQtdHgJLdcaML-M_1IZTGRY_qkmKAaj-LMdRFMDr7b4CVZHZATZa6Gr3MijtIFwrDGlI-l8krEXXqhkr5ucICHtdFhCNUDz7ScYyE-YRaj1QSLbm5b0tIoBI-PeMp9Rs7aMgQ40Rh6jAsdK-wR87gU7Q4ifBKKxoJ--AzjWJKQ6Da7CGbsXceElED523CbblVNCuAl08kIMiOZuODqOy3swJuYEPaUc7S_Qopyau2CNP-9g80q9fNCMmJZZDWUCayEElclnnEYMu9S68hoCuweq3j8Q&sig=Cg0ArKJSzH9W40T30KCKEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN (),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 17 Jun 2021 15:22:41 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 9862
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
824 B

41ms
36ms

Script
text/html

185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: be5dd20b-6ce3-4862-86a2-4d9d4618b051
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: 0291adb5-e1cf-4c7e-8068-ab375b626472
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 6489
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
823 B

45ms
40ms

Script
text/html

185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid: 595f0260-1e9b-4dfe-85ab-1c1cb3fa73c7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:41 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid: c81e99b2-d7b3-41e5-aec4-658fab573111
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame C20A 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 1523618549969485492
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:18:32 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/ Frame C20A 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 15:18:37 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C20A 0
592 B 127ms
63ms Ping
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq3SyRunOVUp57OPew088gBDCbfcD79lyOYle_gDWHelhOwHIMRwFmHXLt_GG7Y7ffBhBPzUoUtQXRtOqPBzN-7emFrOQ1yNjd9YFtfZl_JizsQMsoOz5pm1d0IEtPLmmTEy6eUhFLu59SGPG9qAFKbrQ4LI1Vz5yokBz5weEb1lkb1NN4E-V6buZG7GcqCqlQlp1m-VujHRwpTD7i-9fcc71BkmYp1HylFPoReY7noM3wDytf-hnD8LWvEebRmaTsHizF0HfGnafZ53LVIdjw-vreTTCO73QBTcYfJWC1r6BXifPZGK3DppK-jiluPyynkA7nLO3coyO7REQ-hw9RmsXe3TDkftUXqxRA-94nvGGADyyAoZ-8Qap42to61s3Kn8qsXYld_EnrPYWwbWNUtSWYcHGWEd4yhOGyB-ecdZDrcFrGmFrWBpgo6Tj0-WqnCWA6TBEJo9NomiAuN0CGH-8BjeUZUMuOFsCQXIDQ0myiIUoBwOpS3788zwlinvVadica7O4ZZOF7H53Er9MujDW8w7F6oqTYDeuFVrUYkvmKB6iJDlxt7elD_PEMlrcJmOJ5zyCyBtR9dEWRobzTQbShLqmPtYLDupZKNM4wvYsEUkkFdtpe8naTXTFwDPAoBciX8rsR86uBzofCDcf_jWQlLHbvZDlzBnq4xq85kkeuUjfFgf022GguoxkjA4KuRN5oQ7CIQdeXigVUElkFyDndLy34MSSBYXftKKqdjeDNiwtg2hkfIiQJlMb7WdOw7EbnS03lUntBJLV6tlRpx2j2Tr7o6UGSP5oQBTTd_6hifc_VuI5nLx14-5xYubnaLGu5TyWdN1zDpKq8P13h77G-lCiXE71eTubgiGJCX3sHN_G4PdWbsWwCgr2Y3kIwPStnpYL_f1qcaQTTMhgHltSlpjNCzF_D7PRZMfHscNo891C7kavW6xs3tO0lHHdvfWV0iF8QhXv5tzlf5uvEbSy8__sh2mPx9fezvIAX5hfIZWzX1LsteYPd1IcDZESyBDSCZcoiUwU_PpQsQXoqino-koTaIPGY8AI5cGSsWDdYCUn1sSMw7fHbut9XA6cmsUgeJadzTZqi3yMHbxPE2vLckYAgDy8YugkRfsqkPpWRzx-PmRq2BJhdgHz4FfHpaEnfKkedpn4ZfuZu-PAMKOuP9GPCuYTp&sai=AMfl-YSoA8T0LamEDvAJCb6SbNRXUt9Gz8f7AEtbeHqmcFwxb63k3BLm22enrlPAVXxoESO4TxIXyO6EWrA7Lm6haCiXx_QMI2CZJsanL___Ps5w08WuJKa7O7blIsy-I4sFyWkoKl4iKbu5jOuxG49c_vC77ciUKQ&sig=Cg0ArKJSzJ_aLdbwW9OUEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210615.26868&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN (),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 17 Jun 2021 15:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C20A 41 KB
15 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:41:42 GMT

GET
H3-29 200 x-alps_300x250_DE.jpg
s0.2mdn.net/10662377/ Frame C20A 52 KB
52 KB 54ms
18ms Image
image/jpeg 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10662377/x-alps_300x250_DE.jpg

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b349c8bfd7eec7cb879275d711f5efb8e849546f5d822090c928bbb9841d136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:59:23 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 May 2021 15:59:14 GMT
server: sffe
age: 8599
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53286
x-xss-protection: 0
expires: Fri, 18 Jun 2021 12:59:23 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471 74 KB
18 KB 20ms
12ms Document
text/html 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

af5e9b35433ec684aea2833e3650071a7a8592889b74142df73fa84c22c15b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 18234
date: Thu, 17 Jun 2021 09:07:30 GMT
expires: Fri, 18 Jun 2021 09:07:30 GMT
last-modified: Wed, 26 May 2021 09:40:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 22512
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E66 0
61 B 90ms
63ms Ping
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUP9Mzwt_Oq1qZ9t0y1RNJTOkybI-JTCsbJbncB8Nvtd_ih1YH-haYgZrUpNiAgg7XfwLw1gzrVFBu3daHjAFiJw8rKAGX4AXfLSQHapNIjmIqA-awhAb9SOS3Jcq3iLrXk_xrHkhNtDHJhWKlxtNa_hK1ZDLFlHy-ppHg96GB7ydATq9EXZ0L4xAddED3F1yv_0hIDJwClHhvFCSVQLa4MohWQcRbMhAelgy9vMgVgNB2gvvPLo_b6NZKnRZFpDsD3lcZk-a_l1O_JENH-Msmw58TQFoqsj5a2U-_TGyVYXhvoV6rnU_qjri8qK7hBz6r1L5h1X8wVZU3aMrk5n93msesJuM75o6vj-RRuqSI1QOlBct6MRLpHkLCyd8cdiUw_jo69NUkbLbTHDjlbgtNCJ6xnV_qcj9Qr0dFS8GYYjDZHTSEHLog7lFiYkwPzy-xI-QELvvB45D7iUMVzhkcECg9Y6CJT4vfTacM7GUAg9frseQifwMHEEEksUMKafCrc1hQ9SMpZZPFkndnfe7JSKHI2NDcApql2ACJ175c8_zow_ynXApUFItOV3Ax9SHvyzJUscxzuw2TReFGaP-LvvGaIxVGAWeRonaxZAp9nkTmj5UlIs7nwpKLx_w2LkW6IK4b6e-i9pEf3e7oHi7KljXifqNVHVLJ4RctQWt5fw5vtS8yeLvLSoI9gdGePMRrmZrJP1PMOxPTNwc5Ex333RAEbx3S3Ucr1UoX1gv7kzFAFLy6NXFefXkirsFa95GXb3K2VAogTBge46ASJpIf8xCECvPV-qrG7e8tEyDli3WGXXq7vXtLNBGkYa_yIZH3TBgDnXmQ0mPLR8wzC7BsNp-qKYiGEpO2TDClpXUmf5JkTgjYnGfn6zwkbna5ea_YDTXVmz64vDlxuOjfO9lAHReF1y-bGa7i4-3xDs7eSqK64PSGYk7VO5sY3lTk91k8V4JDnZD7tYA2WRwqpLTBmb-nkvESKP7L7fAyUI-VSa7UXRcasbrTfodahHnMEDZ34sVrT7Cg-OFgO4Ax_0sFM96C8QKVvMVb2ueccSeUHaTFmJHLiT7GOYysQBYYXqaK69F5sgamzTuBPm3JRwkjNcbNIyft7YgVviTjXqgS2kaCEZPwcrKSiscH_v1pxgXQ6JU&sai=AMfl-YTa6BN6QgffdoYvvu0NhbK5uhDJz9jCmSxsnxMvjmdC5HMut4paYt0KOq6--dXTmzhT-kKZq76y2tNESh9rehXKp7vAsHCjKiURM72lmoa719IuivPN2H5wLv5nieglIP8Fhghip0Gjj6m16lt9vhTLrJB7-Q&sig=Cg0ArKJSzCSPzqHcugAdEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&cbvp=1&cstd=373&cisv=r20210615.97896&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN (),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 17 Jun 2021 15:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3E66 41 KB
15 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:41:42 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8752 1 KB
749 B 12ms
6ms Document
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 17 Jun 2021 11:20:29 GMT
expires: Fri, 18 Jun 2021 11:20:29 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 14533
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3E66 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fca6af4fb10a144d6759ed63c196455d44d235616391d3532c7d0d364ef71cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 0E18 12 KB
0 12ms
9ms Document
text/html 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 17 Jun 2021 15:15:58 GMT
expires: Fri, 17 Jun 2022 15:15:58 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame E019 783 B
0 16ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w1/YmZN9Kzl4K7GMH8k61Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=217=QHeT_jf030FMtDXffOIWr2M9BVUImWyU6y1rwjY9EZSZhhQlQLXfRWYGY_ccS5njJ7XwEfXlpFkwr4CMp6jbp8V-2wju4sUlk7BZ8gGWewHzc9mZ2nu0YBuPC5u6JXE3nVXroiBVN-lEglH7d7GghEOfgTfJ6KUYLZ40YMaIcCo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

expires: Thu, 17 Jun 2021 15:22:42 GMT
date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-w1/YmZN9Kzl4K7GMH8k61Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 3E66 183 KB
58 KB 178ms
75ms Script
application/javascript 52.215.97.146

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/722837/54927600/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CE14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1

43 B
1023 B

41ms
29ms

Image
image/gif

185.33.221.13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid: 0bc212b7-5233-45a0-bcbc-eaac764f97f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CE14
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D

170 B
188 B

31ms
28ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: c9cb026b-b21c-4195-b353-51dd41441215
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CE14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1

43 B
106 B

30ms
27ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame CE14
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C20A 0
23 B 79ms
53ms Ping
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN (),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODkvbGFpX2t1YW5saW5fMS5qcGc=.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/ 6 KB
6 KB 364ms
363ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODkvbGFpX2t1YW5saW5fMS5qcGc=.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: d1587636a9c7a7b7b4d2195816df56f74691d6f79aada1fa9dd165a604f18055

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 11:43:06 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 1110864929564959740
accept-ranges: bytes
content-length: 6077
expires: Sat, 17 Jul 2021 11:43:06 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODUvYnRzLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/ 10 KB
10 KB 195ms
195ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODUvYnRzLmpwZw==.jpg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 2e024d2635ce2f90bbdfbb28275fb07356861355cc41a1fbbd941090b4f1500d

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:18:11 GMT
x-cache-lookup: Cache Hit, Hit From Inner Cluster
server: Lego Server
age: 0
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 2589938892929008195
accept-ranges: bytes
content-length: 10160
expires: Sat, 17 Jul 2021 12:18:11 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 621A 22 KB
8 KB 12ms
12ms Document
text/html 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 17 Jun 2021 14:41:43 GMT
expires: Fri, 17 Jun 2022 14:41:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1DC8 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 17 Jun 2021 14:41:43 GMT
expires: Fri, 17 Jun 2022 14:41:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
11 KB 237ms
235ms Script
application/javascript 61.91.94.132
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length: 25278
date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Nov 2020 11:46:30 GMT
server: nginx
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10744
expires: Sat, 17 Jul 2021 15:22:42 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F48A 1 KB
749 B 26ms
26ms Document
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 17 Jun 2021 11:20:29 GMT
expires: Fri, 18 Jun 2021 11:20:29 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 14533
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C20A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e307cbea956bb4cd15b157afe146353365f7769055929cc41171eff14706ee55

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 527E 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 92F1 0
0

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 52ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3a

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1623943362.dop136.fr8.t,1623943362.cds244.fr8.hn,1623943362.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 5471 28 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jun 2021 14:41:43 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8752
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-...

43 B
468 B

180ms
167ms

Image
image/gif

2606:4700::6812:d05

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 660d46626ebb4e3e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
cf-request-id: 0abc2a517e00004e3eee143000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 660d46611ba84e3e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abc2a50aa00004e3ef109e000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPPZE_GrIzrtp_t6KDjDZXk&google_cver=1&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1h...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 17 Jun 2021 15:22:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: s/kUg+JniRaQnXc4LCsAAA==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELXT67Y1z5Tuuk1hUs410nM&google_cver=1&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx

170 B
188 B

79ms
29ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 17 Jun 2021 15:22:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx
x-host: tde-deliveryengine-production-84b97f78fc-9n4gv
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1s...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:43 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKy_HT9X754iB58CvdCtUmg&google_cver=1&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDk...

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D
date: Thu, 17 Jun 2021 15:22:42 GMT
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ
https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQ...
https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw

170 B
188 B

37ms
31ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw
date: Thu, 17 Jun 2021 15:22:42 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 8752 0
12 B 52ms
51ms Image
text/html 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4o5gAWFG4zDup4Wa6pvfsfwmd_MEZ6kPuS00IWigqe-5QTj4b7v-7NtSUNk8WVEWl8knrpQ

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3E66 0
23 B 91ms
91ms Ping
image/gif 142.250.186.98

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN (),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

passback_970x250.js Show response
static.adsafeprotected.com/ Frame 3E66
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/722837/54927600/skeleton.js?adsafe_url=https%3A%2F%2Fwww.sanook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.google...
https://static.adsafeprotected.com/passback_970x250.js

3 KB
1 KB

85ms
78ms

Script
application/javascript

52.215.97.146

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_970x250.js
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:25:27 GMT
server: nginx/1.16.1
age: 270784
etag: W/"094948b2d1170876fb8e76e432d87da6"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_970x250.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 42ED 82 KB
21 KB 84ms
84ms Script
application/javascript 52.215.97.146

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2849309
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CE5B 0
260 B 156ms
30ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:29:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3E66 43 B
216 B 335ms
109ms Image
image/gif 35.173.0.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=722837&asId=f091177f-b027-386e-5353-567f607fc2a4&tv=%7Bc:fOtaXy,pingTime:-2,time:776,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:993,bdZ:1177,beA:1514,beZ:1516,mfA:2096,cmA:2098,inA:2098,inZ:2103,prA:2103,prZ:2129,si:2178,poA:2179,poZ:2193,cmZ:2193,mfZ:2193,loA:2221,loZ:2224,ltA:2288,ltZ:2288%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:970,h:250,t:661%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:777,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:661,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B191~1%5D,as:%5B191~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sABCQNm+11%7C121%7C122%7C123%7C124%7C125%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.722837-54927600%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1f2%7C1f3,idMap:1d*,rmeas:1,rend:0,renddet:na,sinceFw:109,readyFired:true%7D&br=u
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
x-server-name: dt39.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame F48A
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEIIz5Aw4ZIcg9Az7X1mytAw&google_cver=1&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y&google_hm=NTU0NjkxNzE3...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
814 B

175ms
66ms

Image
image/gif

193.0.160.129

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN (),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 15:22:43 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJ2NoYAdRQBUkEq5MFNnR5k&google_cver=1&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpT...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA

170 B
188 B

64ms
61ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA
Date: Thu, 17 Jun 2021 15:22:42 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEL5ooMy-duwDhXQ8Kr12aso&google_cver=1&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_...

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 242
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1t...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1t...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sV...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:43 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 235
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEMqc9XIntouNY9GUOhWVClQ&google_cver=1&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOt...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0...

170 B
188 B

172ms
171ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c
Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhT...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4...

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame F48A 0
12 B 89ms
83ms Image
text/html 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZkHI8DsOuKsGD-fC_rW_YFwcy4gh84DuNYx9bICzKbc-3CMaIejkTZOeaUTosx3lLdAun

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN (),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 621A 14 KB
6 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 14:45:46 GMT

GET
H3-29 200 970x250_1.jpg
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471 95 KB
95 KB 81ms
74ms Image
image/jpeg 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/970x250_1.jpg

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

92cda8cd6907fe242599f75e1dcca214ea3a56ffc20de464274671cfa7e84359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 11:31:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 09:40:15 GMT
server: sffe
age: 13885
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97446
x-xss-protection: 0
expires: Fri, 18 Jun 2021 11:31:17 GMT

GET
H3-29 200 970x250_.jpg
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471 94 KB
95 KB 94ms
89ms Image
image/jpeg 2a00:1450:4001:808::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/970x250_.jpg

Requested by

Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

018f975cac19b045936b6b2f51927fa51e9d60c11f795c5caea12383ba66efdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:30:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 09:40:15 GMT
server: sffe
age: 6737
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96736
x-xss-protection: 0
expires: Fri, 18 Jun 2021 13:30:25 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DC8 14 KB
6 KB 69ms
66ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 14:45:46 GMT

GET
H2 200 IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 3E66 28 KB
29 KB 56ms
53ms Image
image/png 52.215.97.146

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
last-modified: Wed, 14 Apr 2021 17:24:57 GMT
server: nginx/1.16.1
age: 174936
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28949

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 535 B
407 B 163ms
45ms XHR
application/json 54.72.136.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.136.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 7955771d2fe473ec86fe88d6eaf05702eacabb3887252305d6cd3675e5bebcae

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 17 Jun 2021 15:22:43 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
content-length: 247
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E66 42 B
64 B 88ms
44ms Fetch
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWFxFK-Mfqutcre-VnVbwqXtJe3yo-bEY71lhJr036ki3a_8DfW2EeVV3Bkk1vqTaHbMI37sq03RFzas8V_UO73YW34TGxU6eWBPSMCC3E-STpXykQeh285v8&sai=AMfl-YR17BDFVYHaqKHKDl_-wiB1Sg4Z90CawfoVNabBDzk7OQWYBStTh2f-JR51RPHAFdN0OvlLHm4ev70BzxtCgRnPZO0Mm8mqqlU2a8OUBVoAhcJwuKHm0k9DAlk&sig=Cg0ArKJSzDp5aVUVPLwhEAE&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&id=lidar2&mcvt=1029&p=75,315,579,1285&mtos=983,983,1029,1029,1029&tos=983,0,46,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2010139517&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943360639&dlt=171&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3E66 43 B
215 B 109ms
109ms Image
image/gif 35.173.0.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=722837&asId=f091177f-b027-386e-5353-567f607fc2a4&tv=%7Bc:fOtb3O,pingTime:-10,time:1164,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623943363310%7C%7Cf82613ef85b4e231f35fbb691d5fce2f%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ce6635336451eca9e44bb54ad100d9835%7C%7C4540936df24fa1cdf41ca763d3f339dd%7C%7C63688266d639c35768133f976481c182%7C%7Ca7307b20a433ebfe4b3ed2dba4c508ba%7C%7C30580f651499e42c5f4addd0d4361d63%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:1429,ecd:86,tsecr:41%7D%7D%7D
Requested by: Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
x-server-name: dt45.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 6 KB
3 KB 40ms
13ms Script
application/javascript 34.107.231.31
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 09 May 2021 19:55:21 GMT
server: nginx
age: 2423
etag: W/"b83f21b3b86f8c5af4a60b50b2412f5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: clear
content-length: 2692

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 436B 4 KB
4 KB 34ms
34ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31602563&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: 25d8e265f2cc90dc5767f18d5e03f9a2b9b2e4d08e0f299b0f70d9e68f95d998

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 90ms
17ms Script
application/javascript 151.101.14.110

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-request-id: DM30SWKKVC6S9RTW
x-cache: HIT
content-length: 9086
x-amz-id-2: PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by: cache-fra19131-FRA
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1623943364.525231,VS0,VE0
date: Thu, 17 Jun 2021 15:22:43 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 145

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E00C 2 KB
2 KB 23ms
22ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.sanook.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2283
set-cookie: uid=f1eeef4e-a390-433c-b855-fed511f9a93c; expires=Fri, 17 Jun 2022 15:22:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 17 Jun 2021 15:22:42 GMT
content-length: 1129

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061502&st=env

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c00442991f84b40f39671db850b3a2a446442fa9c2053ee17963c2eaba1ebc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 15:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7954
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 17 Jun 2021 15:22:43 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CA70 4 KB
4 KB 31ms
31ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32580438&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8C1E 4 KB
4 KB 61ms
59ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68826605&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C20A 42 B
64 B 53ms
47ms Fetch
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9ZzJK_LExj6kzbRtBsC2evjzHTuAQhkUMboM-MFibFQ61ijsmcfP9MlbyOJC9aV47JrWsZplzhM2OeaeHV5Ha2Qc52LtaCbvhPGcauCad87Ek3jLtQOWpJ0Y&sai=AMfl-YSKM0_Hw8xVfoSe2-xIHmdpCMVkCOKLQA-YdNsuMjoOa8zi8Up0IZ58bOoocNAXCNVmTDPz_YWMWkjFbbjoQVco-7jy1oNjyO-Ufiuo6diApa3HeThexM_uoxQ&sig=Cg0ArKJSzMI9qyiu5wVtEAE&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&id=lidar2&mcvt=1040&p=924,1045,1178,1345&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3191418387&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943361062&dlt=190&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame DBDA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507

35 B
468 B

100ms
37ms

Document
image/gif

37.157.2.236

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5565809440969734050; expires=Mon, 16 Aug 2021 15:22:43 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 17 Jul 2021 15:22:43 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1

42 B
283 B

38ms
32ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:455
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 436B 43 B
611 B 26ms
24ms Image
image/gif 159.253.128.188

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN (),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 16 Jun 2021 15:22:43 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417

42 B
211 B

33ms
32ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-5706252579533875417; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: lhrpug003:0:547
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050

42 B
380 B

76ms
76ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:523
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=

42 B
340 B

25ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:403
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 17 Jun 2021 15:25:05 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:04 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79

42 B
449 B

29ms
26ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:319
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8306
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
110 B

28ms
23ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KRTBCOOKIE_27=16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_80=22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4; KRTBCOOKIE_57=22776-1807299555491511333; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug011:0:470
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Thu, 17 Jun 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3035
date: Thu, 17 Jun 2021 15:22:43 GMT
content-length: 205

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=

42 B
211 B

76ms
75ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:437
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:43 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.146:80
AN-X-Request-Uuid: ccb1fb71-215c-4bfa-ab4d-51bf38929415
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz

42 B
430 B

66ms
66ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:442
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=1ddc91a8-187f-4ea7-bd36-48da481362fd&expires=1&user_group=5&ssp=pubmatic&bsw_param=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

55ms
55ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:415
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 17 Jun 2021 15:22:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EE39
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677

42 B
366 B

66ms
65ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_1101=23040-6974783621786957973; PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KRTBCOOKIE_27=16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; PugT=1623943361; KRTBCOOKIE_153=19420-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X&KRTB&22979-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X; KRTBCOOKIE_80=22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4; KRTBCOOKIE_57=22776-1807299555491511333; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6974783634662422677; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PugT=1623943362; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug016:0:431
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6974783634662422677; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677

GET
H/1.1

200
OK

cookie-sync Show response
match.prod.bidr.io/ Frame C95F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACdl07BltIAADHiFrJ8dQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add

43 B
430 B

52ms
52ms

Document
image/gif

52.209.246.140

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN (),

Reverse DNS

ec2-52-209-246-140.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AACdl07BltIAADHiFrJ8dQ; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 17 Jun 2021 15:22:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-f8gpb
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=6MGEpDBlvsC4;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None pb_rtb_ev=3-17oy|7dN.0.AACdl07BltIAADHiFrJ8dQ;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;SameSite=None INGRESSCOOKIE=240b531c64ff9bc3; path=/; HttpOnly; Secure; SameSite=None
location: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

64ms
63ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:428
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2998
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=

42 B
232 B

37ms
34ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:516
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:42 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 436B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8LpOp72pR8KVluWsa-_FBw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

63ms
61ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=122487
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sat, 19 Jun 2021 01:24:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0

0
128 B

26ms
24ms

Image
text/plain

185.64.189.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 17 Jun 2021 15:25:05 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 17 Jun 2021 15:25:04 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 436B 35 B
248 B 30ms
28ms Image
image/gif 146.59.148.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=214&mapped=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.148.16 , France, ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjBCQTRFQTctQkRBOS00N0MyLTk1OTYtRTVBQzZCRUZDNTA3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

62ms
61ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:392
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 436B 43 B
704 B 72ms
72ms Image
image/gif 2a00:1288:110:c305::8000

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=

0
128 B

65ms
63ms

Image
text/plain

185.64.189.114

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=

1 B
235 B

67ms
67ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:428
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623943364.729888,VS0,VE0
x-served-by: cache-hhn4059-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=

1 B
172 B

67ms
67ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:507
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 436B 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:16::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame CA82 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 17 Jun 2021 15:15:58 GMT
expires: Fri, 17 Jun 2022 15:15:58 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9850 783 B
532 B 64ms
61ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

461301b0bc46c1f0f8eebfdb301d3976e7e65c5f5ecf3e1e684f1008ded4fd75

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qigMvEh70fwKnYH64FIYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=217=QHeT_jf030FMtDXffOIWr2M9BVUImWyU6y1rwjY9EZSZhhQlQLXfRWYGY_ccS5njJ7XwEfXlpFkwr4CMp6jbp8V-2wju4sUlk7BZ8gGWewHzc9mZ2nu0YBuPC5u6JXE3nVXroiBVN-lEglH7d7GghEOfgTfJ6KUYLZ40YMaIcCo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.sanook.com/

Response headers

expires: Thu, 17 Jun 2021 15:22:43 GMT
date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qigMvEh70fwKnYH64FIYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 8f062114d3 Show response
bam.nr-data.net/1/ 57 B
274 B 512ms
120ms Script
text/javascript 162.247.242.19

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=9064&ref=https://www.sanook.com/&be=2240&fe=8858&dc=2536&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1623943354585,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:597,%22c%22:597,%22s%22:607,%22ce%22:1221,%22rq%22:1221,%22rp%22:1428,%22rpe%22:1629,%22dl%22:1431,%22di%22:2536,%22ds%22:2536,%22de%22:2536,%22dc%22:8858,%22l%22:8858,%22le%22:8865%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN (),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 30F6
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

26ms
23ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/html; charset=utf-8
x-lat: amspug018:2:212
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=619388b2-c341-4fda-ae75-7c252c51bf01; path=/; domain=csync.loopme.me; Expires=Sat, 17-Jul-2021 15:22:43 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 17 Jun 2021 15:22:43 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 79D9
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7419099741
https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79
https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003

42 B
269 B

24ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; PugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: amspug010:0:459
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 17 Jun 2021 15:22:44 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003%22%7D; path=/; expires=Fri, 17 Jun 2022 15:22:44 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
etag: RX3e12531d9bdc4cc1a017682926c3b39d003

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 524F
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6

42 B
295 B

33ms
32ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: lhrpug011:0:464
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 17 Jun 2021 15:22:43 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=2uoHxe3WuQKCVYKp51E6W_g6; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 2212 42 B
1009 B 94ms
63ms Document
image/gif 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0abc2a54a500004e6ded1de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 660d46676f934e6d-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4B97 43 B
408 B 193ms
81ms Document
image/gif 173.231.180.197

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 17 Jun 2021 15:22:43 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H3-29 200 i.match Show response
a.tribalfusion.com/ Frame 90E1 43 B
802 B 204ms
177ms Document
image/gif 2606:4700::6812:d05

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: a.tribalfusion.com
:scheme: https
:path: /i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aPntmIwZcF1eoXarpfrgWYUdbIlZa6ZaDZdx5nociTcWxCnfr52dZdvnFUba4ogLxShwIs06rvLOrMfycH4WMrRFd2Ks1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aOnvQwSyZaRGRT8vnQ2fP6iKCfUfCuiZdX5FoUm7crGZcRXFZaTdLcWsMZcJ7NHTolKo2wXEt3YmJnkcJyoVZd00mLZc1kyO4ZbNdwZbnJOPlMCRcQx2qnZbRl; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:43 GMT; SameSite=None; Secure; ANON_ID_old=aOnvQwSyZaRGRT8vnQ2fP6iKCfUfCuiZdX5FoUm7crGZcRXFZaTdLcWsMZcJ7NHTolKo2wXEt3YmJnkcJyoVZd00mLZc1kyO4ZbNdwZbnJOPlMCRcQx2qnZbRl; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:43 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0abc2a54a300004aaab5aa6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 660d466768aa4aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0246
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219

1 B
87 B

58ms
58ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug015:0:327
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-rq74x
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=xYHBXYjvvZBG;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=8dc9a4781239c016; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D26F
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
52 B

27ms
27ms

Document
text/plain

199.232.137.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623943364.929295,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623943364.837558,VS0,VE56
x-vcl-time-ms: 56
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 0481 0
39 B 104ms
101ms Document
text/plain 169.197.150.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 17 Jun 2021 15:22:43 GMT
server: b

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 335B
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

50ms
49ms

Document
image/png

35.227.248.159

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN (),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1623943364152; TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1623943364152;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 78AC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=

42 B
211 B

56ms
55ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_107=1471-uid:uVXSSrX61LTTQT5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/ PugT=1623943362; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug006:0:444
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 17 Jun 2021 15:22:43 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=uVXSSrX61LTTQT5; Domain=.w55c.net; Expires=Sun, 17-Jul-2022 15:22:43 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 17-Jul-2021 15:22:43 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B4EA
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4

42 B
218 B

24ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; PugT=1623943362; KRTBCOOKIE_279=22890-dd2704a8-cf7f-11eb-9754-ed51a704cc59&KRTB&23011-dd2704a8-cf7f-11eb-9754-ed51a704cc59
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-YwRIQ_olQm1kwyD-lacPdSV4iZ4; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: amspug012:0:403
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 17 Jun 2021 15:22:45 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Set-Cookie: sa-user-id=s%3A0-63044843-fa25-426d-64c3-20fe95a70f75.6OP5lCFnBj1QIseyldskbDJW773IDR9CeGTiciHaKQc; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-63044843-fa25-426d-64c3-20fe95a70f75%24ip%2437.120.137.158.BQChWUze%2FND7EOZuFLe448tTS3NYv4bTOVfY1LR4WUo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 98B7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1

1 B
68 B

26ms
24ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug016:0:413
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
expires: Wed, 16 Jun 2021 15:22:43 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 024D 0
114 B 1388ms
118ms Document
text/plain 38.27.122.101

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 Chestertown, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:45 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame CA70
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31

7 B
86 B

298ms
46ms

Image
text/plain

185.64.189.249

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:44 GMT
content-length: 7
content-type: text/plain; charset=utf-8

Redirect headers

date: Thu, 17 Jun 2021 15:22:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame CA70
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=

42 B
601 B

158ms
74ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
frontend-id: 10
location: /pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame CA70 95 B
200 B 24ms
22ms Image
image/png 2606:4700:10::6816:1957

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 660d46675bcb16e6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0abc2a5493000016e6ebace000000001

GET
H2

204

/
loadm.exelator.com/load/ Frame CA70
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
2 KB

62ms
61ms

Image
text/plain

54.78.254.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 17 Jun 2021 15:22:43 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166

42 B
110 B

36ms
31ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:274
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:44 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: c6bbd709-e7c1-4986-b242-4eada65cd634
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e

42 B
224 B

61ms
58ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:353
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
date: Thu, 17 Jun 2021 15:22:43 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=

1 B
371 B

63ms
61ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:414
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: dd1550d9-cf7f-11eb-a11f-7b7d63553c25

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31

7 B
87 B

375ms
45ms

Image
text/plain

185.64.189.249

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:44 GMT
content-length: 7
content-type: text/plain; charset=utf-8

Redirect headers

date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 8C1E
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

124ms
45ms

Image
image/gif

77.243.60.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:41 GMT
frontend-id: 2
location: /pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 8C1E 95 B
177 B 63ms
62ms Image
image/png 2606:4700:10::6816:1957

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 660d46676c0b16e6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0abc2a54a6000016e6ce3c6000000001

GET
H2

204

/
loadm.exelator.com/load/ Frame 8C1E
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
2 KB

62ms
60ms

Image
text/plain

54.78.254.47

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 17 Jun 2021 15:22:43 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B962
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

26ms
24ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=utf-8
x-lat: amspug015:2:248
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=af353b54-dc66-4afc-94f3-a9af18406a74; path=/; domain=csync.loopme.me; Expires=Sat, 17-Jul-2021 15:22:43 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 17 Jun 2021 15:22:43 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6056
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5263073156
https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79
https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003

42 B
347 B

24ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; PugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/ PugT=1623943361; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat: amspug009:0:290
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 17 Jun 2021 15:22:44 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003%22%7D; path=/; expires=Fri, 17 Jun 2022 15:22:44 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
etag: RX3e12531d9bdc4cc1a017682926c3b39d003

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1D19
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6

42 B
295 B

33ms
31ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: lhrpug012:0:394
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 17 Jun 2021 15:22:43 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=2uoHxe3WuQKCVYKp51E6W_g6; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 33C3 42 B
132 B 89ms
33ms Document
image/gif 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0abc2a54eb00004e6dd2305000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 660d4667d8894e6d-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame A95F 43 B
408 B 198ms
40ms Document
image/gif 173.231.180.197

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 17 Jun 2021 15:22:43 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166

42 B
110 B

25ms
24ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:262
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 17 Jun 2021 15:22:44 GMT
X-Proxy-Origin: 37.120.137.158; 37.120.137.158; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: 79cb1052-f37d-41d1-906e-ed5177258f3a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049

42 B
224 B

60ms
58ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:364
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
date: Thu, 17 Jun 2021 15:22:43 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H3-29 200 i.match Show response
a.tribalfusion.com/ Frame 02F4 43 B
760 B 352ms
298ms Document
image/gif 2606:4700::6812:d05

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: a.tribalfusion.com
:scheme: https
:path: /i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aPntmIwZcF1eoXarpfrgWYUdbIlZa6ZaDZdx5nociTcWxCnfr52dZdvnFUba4ogLxShwIs06rvLOrMfycH4WMrRFd2Ks1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:44 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aInvQwqkaHbBykt9ZbOaRehHFnOZd7utJ1Va1TBIaHWZaOhY3Xqxs5DFHiGHlP71mx54LZaUQZdn0yh8ZaPZa5i02NfKZdKvC5Dx5iEUnJSibYVUnf2qnWvc; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:44 GMT; SameSite=None; Secure; ANON_ID_old=aInvQwqkaHbBykt9ZbOaRehHFnOZd7utJ1Va1TBIaHWZaOhY3Xqxs5DFHiGHlP71mx54LZaUQZdn0yh8ZaPZa5i02NfKZdKvC5Dx5iEUnJSibYVUnf2qnWvc; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:44 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0abc2a54e600004aaab5aad000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 660d4667d9d24aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D023
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219

1 B
68 B

52ms
51ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:42 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat: amspug017:0:378
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-78x9q
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=kPsjcOHq5U6w;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=fdf77391205c62cc; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A001
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

29ms
27ms

Document
text/plain

199.232.137.44

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623943364.927205,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 17 Jun 2021 15:22:43 GMT
via: 1.1 varnish
x-served-by: cache-hhn11571-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623943364.838038,VS0,VE8
x-vcl-time-ms: 8
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 7E0C 0
16 B 108ms
104ms Document
text/plain 169.197.150.7

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN (),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 17 Jun 2021 15:22:43 GMT
server: b

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 6CF2
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
154 B

50ms
50ms

Document
image/png

35.227.248.159

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN (),

Reverse DNS

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1623943364152; TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1623943364151;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=8f0c3083-cd0d-4c6a-89bf-9cab81bb5569;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 61FC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=

42 B
211 B

25ms
24ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; PugT=1623943362; KRTBCOOKIE_107=1471-uid:uVXSSrX61LTTQT5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat: amspug020:0:436
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 17 Jun 2021 15:22:43 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-00d497958362b52d3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=jteJnx0x1LTTQT5; Domain=.w55c.net; Expires=Sun, 17-Jul-2022 15:22:43 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 17-Jul-2021 15:22:43 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=

1 B
216 B

24ms
24ms

Image
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 15:22:42 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:394
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Date: Thu, 17 Jun 2021 15:22:43 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: dd2704a9-cf7f-11eb-9754-ed51a704cc59

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BAF7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4

42 B
375 B

35ms
34ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; KRTBCOOKIE_279=22890-dd2704a8-cf7f-11eb-9754-ed51a704cc59&KRTB&23011-dd2704a8-cf7f-11eb-9754-ed51a704cc59; KRTBCOOKIE_860=16335-YwRIQ_olQm1kwyD-lacPdSV4iZ4; PugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:44 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-PPncS4S2S8dPJuyRudL8PCV4iZ4; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:44 GMT; path=/ PugT=1623943364; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:44 GMT; path=/
x-lat: amspug002:0:427
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 17 Jun 2021 15:22:45 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Set-Cookie: sa-user-id=s%3A0-3cf9dc4b-84b6-4bc7-4f26-ec91b9d2fc3c.iqWfoC%2FBQlIAO3YIo04%2Fr5skV%2BsuE450LkT%2Fygby4Ts; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-3cf9dc4b-84b6-4bc7-4f26-ec91b9d2fc3c%24ip%2437.120.137.158.xCy2BHrq5BdS8ZzjECQXh%2BdltUH76yuWDvsKQY1ZOOI; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F8C4
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1

1 B
68 B

62ms
60ms

Document
text/html

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363; SPugT=1623943363
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 17 Jun 2021 15:22:41 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat: amspug006:0:599
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Thu, 17 Jun 2021 15:22:43 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
expires: Wed, 16 Jun 2021 15:22:43 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 6CFA 0
114 B 1358ms
120ms Document
text/plain 38.27.122.101

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 Chestertown, United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 17 Jun 2021 15:22:45 GMT
Content-Length: 0
Connection: keep-alive

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DC8 0
20 B 45ms
41ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHkQ-wWjLYJryEKTH3gP2iLvICAAAAAA4AeAEAg&bg=!ISKlImbNAAZktE7iZLQ7ACkAdvg8WmPyVBn6q4xLi_cikytx4Vv9y5NPJTc0G0_0XMGX1f7fLqJr9QIAAAMvUgAAACBoAQcKAEtXuM52xY7za5Zb4Jh1dVe9owfoYYa0eKmr3FQbbtjs9RpFx-gUWPQ5IMcgtt5aidzgtW-qLOIGvUOKP1u51E4F6c15FVvQvP42QjeZAsSp0NMlrWFTtjJTmQUYcIjBzD2VVgP5cs8ta0pFAsepGfXMz0-oBMr_eK9GiHl5c3p3pgu8imvmyf91YDaDbGPb0_tjcilMGDV6MDPX7TLuMHB1wFGj2IKRF2oq1V45vI2nKkmW0Z0FRGVAyA77WM4hbcIlsMYLJzqnMab6PVYRHcOFlX0GHDwoth8V36fdNiESx9qYEg6oezvDiIgGLv1c4lSu1b_MrRtS8yMakY_TUpIqCwA0rl5vXJnwSGTNp1a71Qs5r_2m_acJVTG2zGWIVK7EjrBp92C6a4rc29HD6x5YGq04LTvFxgsfox3pr4IAV7CX9FcSRxz0zHzDYAEfDddd68eBsL1zoLYOyouWxnxsLE4W4gPHRFfaI_pVUkQwjPcRfMNDWxYpJu3C4FEwbhCcy2j7D_O6JzzyE72PSXmnLsunysfXPR0l8ubwa8h5fxHtj4J7feKEnN44cQ5DxrxlMfHmaVWwPLmKxJICswvFKnBflDd5ZuZAeF3tm-Wzljg1877sr8SlMBiUfofinc_UHxZ0Vov25UvchAx-iHNiRGIQfnIiQ3cWSzQjRS0xlq_-T12l6x2xKiDaUUw73vzqKxAxVbhevh24RCfPy4WMvp3VZhOpAo19-BZ6c__5IG1MEubucfR6NQ9UOqUudPH-WWltmN_K4xe5uKCR846GSWZuLaLCFvSbWjtdeL9h4RBjS4HL2eQSDrqBhFRTXy3_FvemJn1uPqp0oBlkGz9k-ZnEiMBkg3u6NlG7vrrkRr6cPH4TOdlzBgC5rm6lZ99FSFRvZBFsOuTNGuPzYnj-tb4AwCi5GjVgCqP4IvAprFZrN423TX9hxYGdExU47MmzsB1WjaxrXRgi6RikSfGvW26EiIkvXWLZNjqAwwgu3aSLY9qhlduFixjrcA2DDLn2psE_ksPLZfN4P-YuVCBXItY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame CA82 14 KB
6 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 14:45:46 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 621A 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0QCIwWjLYN7kKZaMjuwPtpypyAYAAAAAOAHgBAI&bg=!tbaltvLNAAZktE7iZLQ7ACkAdvg8WlYJzQ5bcXP1qh2J1UwDvagn1kTmvenZlbyWTczC7NR675tUoQIAAAPFUgAAAENoAQeZAslNMupwSz_QFPvQr9rFT3KZvmOp6H6dItPhhEqnqqjfpgHLx1QEjgvppzzXxEwQLFq5mr_8mc5KrVeVMo47ol_lf0OD01CwgsoHr9WAQkSGx_g57nbbUMcnjcwV-XbxhOF94uzcNN6zCKJ1Q2yPe3JA5F1khXHYOvwWrEOTeMPpmjV7G7n152S38-Ez5WdDzOoq-1PSwB30vnHgwU9crWK8YEgF6Hcd4MeIiqlgVj39QMNelFV4_Ss02cuKFFzb4htLKYo67b_GZtAWNjcBtaYGm1R361wwR83XQKnEUyLOQwgWiJLBxOStzgURDJZ29vO0ezNrZi5mavJDi_4wq-YS7aHkTpzX1diD-BsDIQM8NFCpHD51BweJ2HjTzQ1cJcVQ2_2t7YoZwn9AJdnsiIDMGmpCS57w2B4ZxrOLzZE4a2bgG83K15SLd4qFKYSmF44EuTHZRJ_fczTF4qoYtDyRkqFuV4qFuupc1oL6TZb59FZ9QZGuc0xUoGmYUUEq2yMHDXSBICHbvmFA6S0KWcrGZYMSyWpTpywiRpg4GR5nH-OmSrgbcNslnEJVmW7OKZCk0IZnsJTs6P7zjk-D_xNyvrB15yVbLis9AhtFJ41eQ9LH2YcO_CV_d0_BCpFebNd364TeG2a2FYUVom9ThG6YWvjZ9xFTCHMSkkxE59F7CTFeX2h9iQROVFEpdFD8kFZ87E-cIcuiVH7At9UXF9lWmu8AIq85310QBMj--Yofqj5CSBZqvJUS3b4BfBb3IthOFWYXjDRu-ZIowhW0qdzNp2H9GdwP-JyMFMTxczeovGP7vKREKlOfj_XtZ9GjRLXpTU-SSNeZf0bivBoVRL-IvxZ2JlkO5aCPR760UEN6Z6s3P0JsfdNjYiXYNEMewDzCFErjNLHtk7luyV4OHGiCiXCCgCYWxy3NHIzgt4kzzBgdQVZZOUD_qA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061502&jk=2247514414496879&bg=!CAulC0_NAAZktE7iZLQ7ACkAdvg8WnGuOxbAxXV6eUglWIqz8RDvNNPhVZsJ-8ndMsrRxH-n2hjxUAIAAAEWUgAAACdoAQcKAE8YzBPVr5BxEc2Ji6uygFRYwI6mJs5TrUC2iL66UG9-tY4EaUKzS9jIPl9iLt9l9sGZAScR915Lmba8iqU70OlXJGs9h3EtpVc-2ZRWxJAHmQJyDR-f6klXEJPnUHvG0Y2QyVioeezhiw0uCQhNdtJOsdB6kBKMQoznXwi8Qihxc2sCoAQ1IwgcC39XHJLeXU7GO1zUehwwTNijBQzeb-zoFoJAGZuGTY3jJYwbGMYL70uuxKPZXFUBcEdttTkVb7gW1jYGLqkDbjIfJbip0loQtxgNjOp4qvOk9xaD7se7dmmxayrIU7Ov4Nk5OYFfoZzDiGsfa9glVufbOTfKxkaKOTkCJDeusL7ReiLSwr8pwqATKq-SxAk0B0b2xhTE9QF7C8DYh5j1aPSL_bdODZhYSqVgbMkwHEqZnnHej397tGImrG6Smw_E5_RsQrEmfBu_PimWfmg2WrgPe4VCWIVYrjTnTP8WG1tYxWBgdW09wfxjQHIPJPvyQ4647xxAWl2rbkkUALvHACHnGpCCzc8vA_7y9W2afPGI9eF6aC7H44LpDzxJVwkwLPova7a0DRsKBDsLmjuB6X_G43Jtcq900UsZcY9ky8O7ugu6imn1ewSxVmVWD-VPmFjaTJNfdRWQz0hRSNxlVImf_cDPjq1AdLAdoAE9AzxmZSsKtilwiPoCJJSvrGCE3x9qFN3q4BUgG_X8VQOFM8c1CGA32LlUPPXVGauiengFkjR64e8jyM2gsO-8S6XR1mapT_j3kKzCNmg79CaSW353qEhX22nf1qmsw76nlx7VPZfvDlGQMjy1bz2pJ7i3M-1Myi3QOsBgzAZnHZw7hQr2Vc7mnYU8wKWWMVumaNhOktuNycTZutRUDPGLuyt_sPVNY7ZbKHH0_vr67n2NI99fc7KWD_kizu9NglJrlNyuXu-xremyq-BP8j8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 436B 0
128 B 32ms
31ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:29:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CA70 0
128 B 32ms
31ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:30:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8C1E 0
48 B 41ms
28ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 12:29:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 jquery-1.8.3.min.js Show response
s.isanook.com/sh/0/js/ 91 KB
33 KB 195ms
195ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:03:40 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 93636
server: Lego Server
age: 0
etag: W/"PSA-aj-0IhQ85x_cu"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2591997
x-nws-log-uuid: 4255842866101613741
accept-ranges: bytes
content-length: 33384
expires: Mon, 12 Jul 2021 10:03:38 GMT

GET
H2 200 aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjEvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 35 KB
35 KB 446ms
446ms Image
image/jpeg 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjEvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 9a9ed77e0dfc82bcf6b2ced632c3e0cdd52a0f248e51d15e6a0df9b565ce9d57

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:33:02 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9227439063357177525
accept-ranges: bytes
content-length: 35984
expires: Sat, 17 Jul 2021 14:33:02 GMT

GET
H2 200 sanook-notification.1.0.3.min.js Show response
s.isanook.com/no/1/js/ 2 KB
1 KB 207ms
207ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 03:31:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 2114
server: Lego Server
age: 19180
etag: W/"5d9c5150-842"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 7592077822159251744
accept-ranges: bytes
content-length: 1054
expires: Fri, 16 Jul 2021 03:31:24 GMT

GET
H2 200 sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ 3 KB
1012 B 224ms
224ms Stylesheet
text/css 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 01:31:54 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
x-original-content-length: 3433
server: Lego Server
age: 19202
etag: "5d9c5105-d69"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-nws-log-uuid: 16716344316700645614
accept-ranges: bytes
content-length: 825
expires: Fri, 16 Jul 2021 01:31:54 GMT

GET
H2 200 socket.io.min.1.0.js Show response
s.isanook.com/no/1/js/ 42 KB
14 KB 224ms
224ms Script
application/javascript 150.109.191.116
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 09:03:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
last-modified: Wed, 18 Sep 2013 05:33:33 GMT
server: Lego Server
age: 25400
etag: W/"52393b2d-a942"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11042817808511769201
accept-ranges: bytes
content-length: 14046
expires: Fri, 16 Jul 2021 09:03:22 GMT

GET
H2 200 dc_oe=ChMI2ta8ufye8QIVpKN3Ch12xA6JEAAYACC3_LBIQhMIptHzuPye8QIVhsp3Ch0nogQp;met=1;&timestamp=1623943373441;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3E66 42 B
515 B 95ms
52ms Image
image/gif 142.250.185.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2ta8ufye8QIVpKN3Ch12xA6JEAAYACC3_LBIQhMIptHzuPye8QIVhsp3Ch0nogQp;met=1;&timestamp=1623943373441;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN (),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 15:22:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
notification.sanook.com/socket.io/1/ 71 B
309 B 1153ms
232ms XHR
text/plain 203.151.133.54
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.sanook.com:8403/socket.io/1/?t=1623943374989
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 203.151.133.54 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
Software: /
Resource Hash: 25591a0a7c5fe51adcf3c0af8c69de1b1c8af0b89ba4a186c7b3ba6d6fb9302c

Request headers

Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.sanook.com
Date: Thu, 17 Jun 2021 15:22:56 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p3.isanook.com
URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjAUMUwojztFhc_GsuXcDq8z4iM5unKuCbw3MKRv6xqFXipSMGbBHMsApJYB_uIoOfsOoW_r1_Uetm-372CQ7oeKQq1fqIwuGhizavyS8&sig=Cg0ArKJSzO_iRnXaa0zaEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=345054422&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1623943359912&dlt=0&rpt=691&isd=0&msd=0&esd=0&r=u

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviKmU5rNRBGg7m8ywpGHc1adkoJhtk96sHfAMlsYHbcL_pWAm121NeYHZ_GkDeyop2Ze5ezYgqx-DtKRo-A2tqwvNZPBboE9GCoswmVzg&sig=Cg0ArKJSzByZeiGNtfdBEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1623943361618&dlt=0&rpt=356&isd=0&msd=0&esd=0&r=u

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA

Verdicts & Comments Add Verdict or Comment

488 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:05:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 12:36:55	Name: IDE Value: AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
.casalemedia.com/	1970-01-19 19:07:09	Name: CMST Value: YMtowWDLaMIA
.casalemedia.com/	1970-01-20 03:51:19	Name: CMRUM3 Value: c460cb68c1276003030001_60cb68c155db9&2d60cb68c22760CAESEAnPssy-LS_j6Wht0GjCmBs
.casalemedia.com/	1970-01-19 21:15:19	Name: CMPS Value: 3269
.bidr.io/	1970-01-20 04:34:16	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 04:34:16	Name: bito Value: AACdl07BltIAADHiFrJ8dQ
.criteo.com/	1970-01-20 03:51:19	Name: uid Value: f1eeef4e-a390-433c-b855-fed511f9a93c
.casalemedia.com/	1970-01-20 03:51:19	Name: CMID Value: YMtowX6-fDkfLuTo.m8DqwAA
.adnxs.com/	1970-01-19 21:15:19	Name: uuid2 Value: 7050296395949545166
.pubmatic.com/	1970-01-19 21:15:19	Name: DPSync3 Value: 1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232
.casalemedia.com/	1970-01-19 21:15:19	Name: CMPRO Value: 1117
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_57 Value: 22776-1807299555491511333
.ads.pubmatic.com/	1970-01-19 19:07:09	Name: KCCH Value: YES
.pubmatic.com/	1970-01-19 21:15:19	Name: KADUSERCOOKIE Value: F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_336 Value: 5844-4690034062060225801
.ads.pubmatic.com/	1970-01-19 19:07:09	Name: repi Value: 1
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_218 Value: 22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4
.openx.net/	1970-01-20 03:51:19	Name: i Value: d53ce58c-0093-451a-9f4b-7b4833d02264\|1623943362
.pubmatic.com/	1970-01-19 21:15:19	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-19 21:15:19	Name: SyncRTB3 Value: 1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67
.adnxs.com/	1970-01-19 21:15:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb8un`42!1yIE`fS1ueD1W-044)d+]UfZpnqHSB.X8j)>+`g@-$KrV>Y<92=)m7l/>mvP(hw9P-HC_#tu$@*0vu$
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_153 Value: 19420-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X&KRTB&22979-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_27 Value: 16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187
www.sanook.com/	1978-01-11 21:31:40	Name: uuid Value: 2b853fd6-006e-3713-7793-a2beabac36fc
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_1101 Value: 23040-6974783621786957973
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_377 Value: 6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec
.pubmatic.com/	1970-01-19 19:48:55	Name: PugT Value: 1623943361
.pubmatic.com/	1970-01-19 19:48:55	Name: SPugT Value: 1623932986
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_22 Value: 14911-2845108476452106797
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_188 Value: 3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_391 Value: 22924-7444902178821496912&KRTB&23263-7444902178821496912
.sanook.com/	1970-01-20 04:27:19	Name: __gads Value: ID=4f93ea7983d9efb8:T=1623943359:S=ALNI_MZUzxxtEaWwd6tOXOlp3IrMUC19vA
.pubmatic.com/	1970-01-19 21:15:19	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 19:48:55	Name: KRTBCOOKIE_80 Value: 22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/billboard".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/billboard".
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6) Message: [GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	log	URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1) Message: Calling handler function
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://www.sanook.com/
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.0029296875 ms
console-api	log	(Line 17439) Message: Country1CH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avads.net
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.u1sf.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu-u.openx.net
fw.adsafeprotected.com
global.cloud.netacuity.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
notification.sanook.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-eu.andbeyond.media
rtb.gumgum.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
cm.g.doubleclick.net
p3.isanook.com
pagead2.googlesyndication.com
101.33.11.45
101.33.11.88
104.111.224.62
119.81.216.16
13.248.242.197
142.250.185.130
142.250.185.162
142.250.185.226
142.250.186.98
146.59.148.16
150.109.191.116
150.109.206.145
151.101.113.108
151.101.114.49
151.101.14.110
159.253.128.188
162.247.242.19
162.55.6.210
169.197.150.7
172.105.199.172
173.231.180.197
178.162.133.149
178.250.0.163
178.250.0.165
178.250.2.146
178.62.202.251
18.156.0.31
18.210.5.212
184.30.21.51
185.29.135.233
185.33.220.244
185.33.221.13
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.226
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.107
193.0.160.129
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
203.151.133.54
213.155.156.181
213.19.147.44
216.58.212.162
23.22.239.72
23.37.38.181
2606:4700:10::6816:1957
2606:4700:20::681a:ad1
2606:4700::6812:d05
2606:4700::6812:d841
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.66.135.160
34.107.231.31
34.251.173.19
34.98.107.212
35.156.158.150
35.173.0.225
35.190.0.66
35.201.96.126
35.205.207.25
35.227.248.159
35.244.159.8
37.157.2.236
38.27.122.101
51.178.20.139
51.68.39.188
51.89.21.20
52.17.202.120
52.209.246.140
52.215.97.146
52.30.14.23
54.72.136.29
54.78.254.47
61.91.93.188
61.91.94.132
61.91.94.198
65.9.82.63
66.155.71.149
70.42.32.127
72.21.206.140
77.243.60.138
77.245.57.78
80.64.106.148
85.114.159.93
87.98.228.78
018f975cac19b045936b6b2f51927fa51e9d60c11f795c5caea12383ba66efdd
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0517939adf31a748c050f6346b0b33a4f702b7cd49600c0dfb4664a67c965fc3
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
07a4456a253eafbae8ca967f6d8d80c531d8140f55b767aabf9bfcc32255a381
097fd71be450d266fde4a961b060bbe7e758e051c2a06c7888e444b96ea67d63
0a419d02e11deedca8f2782c692be6185d0f1e588d4d747d992323c9a2f1ff70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdebf332d3618da868300642219a30c2c7b807728685b8986379a318ecf5fdf
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d5a51d1cfd4c9c94ea57f6c8f1706883b9303735fffb5f72b229d5493417fd0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13fddc04b2c9562fc41facd921cdf8eeace3f4e7f954374f3934cfad44a880bb
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
15980f681ddb5e251b4e0ad65b79173af6f042e2d33edb41d496c3c276eb6a6e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b6712bb0e8b96ef51ee1898e487bbf652b4ac82436e77efb82bbd73106cbbb
170c0ad9b955a9af6dc766e12b8a199e45d9d58769ed8114774720fb147f74b4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1923d80074cb1c0adebc7cf62681da3dc1502b06f7f8b03ddcd8d20a7d6047b8
1955fdb95aa4534a05fee4a3084e36f30857e4f39d2ff5aca46f632928365d00
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1acc2adcaf6ce530c15df6381743228c4f04c87001bec4e9f2b5fb9bd7f4ac08
1db5deb58a44fcc8f03e499f735494523624ae54c8b710cdb3af91536e79de19
1e05c513890dfe5ed032afd2ef6aa8621f8cc1cd231b3094472cfa795d01b4f2
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
1fca6af4fb10a144d6759ed63c196455d44d235616391d3532c7d0d364ef71cb
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
25591a0a7c5fe51adcf3c0af8c69de1b1c8af0b89ba4a186c7b3ba6d6fb9302c
25d8e265f2cc90dc5767f18d5e03f9a2b9b2e4d08e0f299b0f70d9e68f95d998
28fc16368231dc391eaf63180d2f3c469e8a8e8a8237121c9eca7b4285188c48
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2c003389936cf0796514f0d6dd1a6254e7cf80241452c93ce135c13401057872
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e024d2635ce2f90bbdfbb28275fb07356861355cc41a1fbbd941090b4f1500d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313bc1d183c3afddcbdbcc4974b7b52a294d6048abfbf22f8f458eb07f5f68ec
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
346b47cc32af221672e98b0ec2811bc32b5cc578fe7de77118d80e1cd6d3e294
35b684a020b50c10e1b42cc6d725b0a4db17190f26eb6a93ce8a9527dfc775c9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
391b9bd107cd37096dc2ed770bb52e4f34d577f54dee4319f563ea482ce6f8b6
3d44c7e3f4a2a94bad0da6eb43938696afbc8f2a58cb8a74c71200875a0f8bad
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db55ba67b886a7c0d4f317b266a3f19f5aff866f08f7978a739c6bcd76c9811
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4145b1c3dc67dbf7e7633324f42330d2467ccb902d874494695567ca2dac42f0
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
4510c424b1e231feccf2d713061ef7b73829f075a9f91a75e49dd3556051d5a3
461301b0bc46c1f0f8eebfdb301d3976e7e65c5f5ecf3e1e684f1008ded4fd75
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c28c0bea0fa5730a0a1c07a00d822c5cfcbba07c9619f92595f733f4732a761
4de2d3b0129049642fc1f0f54a49aa96e79de7c2e3ccf077c5da5ed21437eb79
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecfa657a94c57109985f7d07882a68936fe311340910a2f592ebd80a1c82906
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51748a5942d66b489df0745ec6fb22fd8930d2b62fc06c448a1bd3168b5d99c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56350012a78fa8493bcb38fe6e0e06a29c70582ed2ab2d45a6babdef2b195c9e
56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c
57aad0eb32478aac681048ab9824a8b427c40d19e85897db861bb403f8f13c7b
5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5d23cbd2a9a33bd91cc49c18cec7e2ea6c1b0650c19c418d533c0c9083cad8e5
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
62689a2ba5327bbf1d225f66c3de6506816831bbdb326864992abaab063e2a66
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
678bca8a699320e0bd46136b88ee78c9e5525d9f81a809383e8b6a909fcede5b
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab30c05860dc5426ee66e700ae6c5a5ede1ac7d4432b6580f93661f33994ff1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c44405ab70a28ddb28bb5930646a069e59076fcd530ac435f6350f14a1ead72
6da2d71f0662c4f3dfab496c7a7e5510cc2ceab4725452758669f68cd3ffc95a
6f4edf42f57ab049ff5c1e111189c998762737248dca9a5556ef97cc2210ea67
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
756a4617cc8422cc1474c9e67bcf9eec18604e0e4e4d4217a1384de409636b3b
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
788113b5149e8260aecd7fc881e07f3be400bf8ae53f04135f54d46e0d9d5d17
7955771d2fe473ec86fe88d6eaf05702eacabb3887252305d6cd3675e5bebcae
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a636173433040eaadd28a28bb7b07173bd735977615b9b783d25e915c231666
7b0f134d3c5fc97ef8feb1488957d50fb3fe61134848ad8c7e4a292c73d1071a
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea
822bd9d006dbb6645f5d81a7ecd887f2ac3b966c3ac98ef6c4e3964c5d568b15
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
874abc6a94982dcf142e6b53fc1589ff578b760966a738766d5f0066c6741dbd
896cf85f87c399105e58561f2c31b353ef3fc91b6180d5cb92ffa376a723b371
8b64e9644f2f8cf98b093aec08032e56ebc4becf2b6768eaf24163a423dae655
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92cda8cd6907fe242599f75e1dcca214ea3a56ffc20de464274671cfa7e84359
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97072232e06c3504d24e712480dc926fedf5c77a8c23737c673982ebcb725540
97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004
97dd2b26c7e555d537095fb4147d2d8cf99fd87e8135246b92dbfa1acb62d913
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d6a9fabcf841ba995fe8b71f1c9c1e960f6df646a0e73cbdd08fb1f8913e69
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9a9ed77e0dfc82bcf6b2ced632c3e0cdd52a0f248e51d15e6a0df9b565ce9d57
9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb
9cdfcda365e1b66d3f880c979ac8cdc83e178cef320c33c75f53b55f3e3c1c18
9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a38be1af053ab88f66edd53f84ef3df0d69c2447ccb801d17d62ee74e03fcf2e
a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34
a3efab061ef483ca4d6d0ead3c0b415ddba24a57d55366f89738c12b5da174b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a6bcc9a15c4f7b2e65d2b24ef72efa9e373791cf4bd9576c78a9c53009a9aadf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b0042ee62511bb68c172c7281de2e2e392790dad297d85055e98be565930bc
aa8ed414357cc5d42fb3b8530b68f3964b43bb585ffd80c65055a91af19c2b2d
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
ae0940a8bbb0d579de4f4cdfb221b8addc01275d7d1327c06e00689f42a22c29
aefa474da0458e44b73f36cee85fbcb2acd8bf5b571748f454c8a45161ba000f
af5e9b35433ec684aea2833e3650071a7a8592889b74142df73fa84c22c15b2d
afab4cddb39ebfcfd288a219afa7f3d2713c0f23c7469506b235b9a90a8ebd31
b02098980576153147ea9762d8aeaaec7447decca7bddc419a1e7b333583de46
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d
b349c8bfd7eec7cb879275d711f5efb8e849546f5d822090c928bbb9841d136f
b48893b6aa61aa39b43f18ef69b68f3b160c0e4372edd8f05c078b7025bfb93f
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
be5f112e2769401e53cb3336a1ff34d48469c5b2a8a2f3940ae41c725bd0d19d
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342
c00442991f84b40f39671db850b3a2a446442fa9c2053ee17963c2eaba1ebc2b
c07d8d1de782177a97372172e2c5dfed7946b584afe569e2353fb158715743dd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cc139102469d1642b0d6deb4bbdb6ac89a2ba409d24c24a96ed6bfd288072c9a
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
ce0a25dc618c0bfbc4bd472a7ffad89c9c2f386b3f0d9e396b0a70bced07ed26
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d14abb44a7716fc2800014e868021b15da2b75db9703de98e54ed31de56a4241
d1587636a9c7a7b7b4d2195816df56f74691d6f79aada1fa9dd165a604f18055
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277
dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df5748b46d35365a88c5de066e301538b0326e3ec1324300bfa160cc26abfdc2
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1eea1640a99dad163f68e61551270bfe0548820de1463cf1acb8fe4e7c53c00
e23a9250c7455b9e53738ce705913e613af48255184dba0b4847f7561d1a6c37
e307cbea956bb4cd15b157afe146353365f7769055929cc41171eff14706ee55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4f23332d4748e331a4d57b5d6007ba7af36ca5bda105942ed74f68ce365f144
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6a40ab2403813d5a0a4eaa2156a8514276bff4df070c9211e10960151878276
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f
e8246b428a5957d64eca65688abc8ab94b252835cded7bc43ca1ad0db5b3666d
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d
ea97cb8133264d34a7c9a2969e45ea82b20956ec88c1b8bb4892fda102f4c6f7
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016
f0871f0a815917ca984a52c4bdb7834994310b382aca767fffc2ae96bf9cdfb0
f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e
f4531c23652f58a8c6e1bf3b03517515df38ebdd06ac48f69432ac02bca3b5b6
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f694d27b06b472d3776ce0fa1c5449e90ed98eaac957785afd6321e3ed4e1e04
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f7b5d1e9db0177888752dd0c53ca76d1f2e94b4831052b5a3c465fefac7bf2b4
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b
fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10

www.sanook.com Open in urlscan Pro 61.91.93.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

445 Requests

99 %HTTPS

25 %IPv6

88 Domains

128 Subdomains

86 IPs

14 Countries

3985 kBTransfer

12156 kBSize

35 Cookies

28 Outgoing links

Redirected requests

445 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanook.com Open in urlscan Pro
61.91.93.188 Public Scan

Screenshot
Live screenshot

Full Image

445
Requests

99 %
HTTPS

25 %
IPv6

88
Domains

128
Subdomains

86
IPs

14
Countries

3985 kB
Transfer

12156 kB
Size

35
Cookies

445 HTTP transactions
5 data transactions