URL: https://www.sanook.com/
Submission: On June 17 via manual from CA

Summary

This website contacted 86 IPs in 14 countries across 88 domains to perform 445 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 61.91.93.188 7470 (TRUEINTER...)
84 150.109.191.116 132203 (TENCENT-N...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
4 150.109.206.145 132203 (TENCENT-N...)
1 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.88 132203 (TENCENT-N...)
3 61.91.94.132 7470 (TRUEINTER...)
2 2a03:2880:f02... 32934 (FACEBOOK)
7 2.18.233.180 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 8 2a00:1450:400... 15169 (GOOGLE)
1 17 2a00:1450:400... ()
1 3 2a02:2638::1c ()
2 178.250.2.146 ()
1 2a00:1450:400... ()
3 2a00:1450:400... ()
20 216.58.212.162 ()
1 3 65.9.82.63 ()
3 104.111.224.62 16625 (AKAMAI-AS)
1 5 119.81.216.16 36351 (SOFTLAYER)
7 14 185.33.221.13 ()
1 61.91.94.198 7470 (TRUEINTER...)
7 185.64.189.112 ()
6 178.250.0.165 ()
3 23.37.38.181 ()
2 10 35.244.159.8 ()
3 77.245.57.78 36057 (WEBAIR-IN...)
3 184.30.21.51 ()
1 2a00:1450:400... ()
3 2a00:1450:400... ()
4 2a00:1450:400... ()
1 2606:4700::68... ()
1 51.89.21.20 16276 (OVH)
3 5 52.30.14.23 ()
6 9 13.248.242.197 ()
3 12 2.18.234.21 ()
2 101.33.11.45 ()
2 151.101.113.108 ()
20 2a00:1450:400... ()
5 2a00:1450:400... ()
20 2a00:1450:400... ()
4 185.64.190.78 ()
6 6 185.29.135.233 ()
3 3 2620:116:800d... ()
5 8 37.157.2.236 ()
17 33 142.250.185.162 ()
4 4 213.155.156.181 1299 (TELIANET ...)
14 185.64.190.80 ()
1 2 178.250.0.163 ()
2 2 85.114.159.93 ()
2 36 185.64.189.110 ()
3 5 52.209.246.140 ()
3 185.64.189.114 ()
4 5 146.59.148.16 ()
1 4 2606:4700:10:... ()
2 4 159.253.128.188 ()
2 2a00:1288:110... ()
2 3 18.156.0.31 ()
3 3 151.101.114.49 ()
4 5 35.156.158.150 ()
2 2 2001:678:cb4:... ()
2 2a02:fa8:8806... ()
3 3 178.62.202.251 ()
3 3 66.155.71.149 ()
1 2 72.21.206.140 ()
3 169.197.150.7 ()
2 2 51.178.20.139 ()
1 2a00:1450:400... ()
1 2 52.17.202.120 16509 (AMAZON-02)
6 2a00:1450:400... ()
7 185.64.189.226 ()
4 142.250.186.98 ()
4 52.215.97.146 ()
1 2001:4de0:ac1... ()
1 4 2606:4700::68... ()
1 1 2620:119:50e1... ()
1 1 35.190.0.66 ()
4 4 70.42.32.127 ()
1 1 185.86.137.107 201081 (SMARTADSE...)
3 3 35.205.207.25 15169 (GOOGLE)
4 185.64.190.81 ()
2 35.173.0.225 14618 (AMAZON-AES)
1 2 193.0.160.129 ()
1 1 172.105.199.172 63949 (LINODE-AP...)
1 1 80.64.106.148 ()
1 1 178.162.133.149 ()
1 54.72.136.29 16509 (AMAZON-02)
1 34.107.231.31 15169 (GOOGLE)
1 151.101.14.110 ()
1 1 51.68.39.188 16276 (OVH)
3 3 198.148.27.140 ()
1 162.247.242.19 ()
2 2 162.55.6.210 ()
6 6 213.19.147.44 ()
2 2 87.98.228.78 ()
2 2606:4700:20:... ()
2 173.231.180.197 ()
2 4 199.232.137.44 ()
2 4 35.227.248.159 ()
4 4 3.66.135.160 ()
2 2 18.210.5.212 ()
2 38.27.122.101 ()
4 4 35.201.96.126 ()
2 185.64.189.249 ()
2 4 77.243.60.138 ()
2 4 54.78.254.47 ()
2 2 34.98.107.212 ()
2 2 185.33.220.244 ()
2 2 34.251.173.19 16509 (AMAZON-02)
2 2 23.22.239.72 14618 (AMAZON-AES)
1 142.250.185.130 ()
1 203.151.133.54 4618 (INET-TH-A...)
445 86
Apex Domain
Subdomains
Transfer
91 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
2 MB
84 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
311 KB
65 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
376 KB
45 googlesyndication.com
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com
ade.googlesyndication.com
240 KB
18 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
49 KB
13 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
13 KB
13 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
5 KB
11 google.com
www.google.com
adservice.google.com
1 KB
10 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
3 KB
9 adsrvr.org
match.adsrvr.org
4 KB
9 googletagservices.com
www.googletagservices.com
300 KB
8 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
124 KB
8 adform.net
c1.adform.net
4 KB
8 sanook.com
www.sanook.com
graph.sanook.com
notification.sanook.com
50 KB
6 2mdn.net
s0.2mdn.net
308 KB
6 mathtag.com
sync.mathtag.com
3 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
4 KB
5 onaudience.com
pixel.onaudience.com
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 ampproject.org
cdn.ampproject.org
101 KB
5 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
2 KB
5 innity.com
avd.innity.com
3 KB
5 google.de
www.google.de
adservice.google.de
2 KB
4 exelator.com
loadm.exelator.com
6 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 tapad.com
pixel.tapad.com
996 B
4 taboola.com
trc.taboola.com
match.taboola.com
1013 B
4 1rx.io
sync.1rx.io
2 KB
4 zemanta.com
b1sync.zemanta.com
2 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
3 KB
4 simpli.fi
um.simpli.fi
2 KB
4 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
1 KB
4 de17a.com
d5p.de17a.com
1 KB
3 contextweb.com
bh.contextweb.com
2 KB
3 avads.net
ads.avads.net
871 B
3 deepintent.com
match.deepintent.com
99 B
3 sitescout.com
pixel-sync.sitescout.com
2 KB
3 bidtheatre.com
match.adsby.bidtheatre.com
2 KB
3 everesttech.net
sync-tm.everesttech.net
957 B
3 quantserve.com
pixel.quantserve.com
1 KB
3 teads.tv
a.teads.tv
856 B
3 andbeyond.media
rtb-eu.andbeyond.media
832 B
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 google-analytics.com
www.google-analytics.com
55 KB
3 criteo.net
static.criteo.net
39 KB
2 ipredictive.com
sync.ipredictive.com
1 KB
2 gumgum.com
rtb.gumgum.com
671 B
2 playground.xyz
ads.playground.xyz
724 B
2 bnmla.com
match.bnmla.com
228 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 ad4m.at
ad4m.at
1 KB
2 erne.co
green.erne.co
649 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 loopme.me
csync.loopme.me
391 B
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 dotomi.com
pubmatic-match.dotomi.com
207 B
2 turn.com
ad.turn.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 fsanook.com
img-as.fsanook.com
112 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 facebook.com
www.facebook.com
312 B
2 googleadservices.com
www.googleadservices.com
15 KB
2 facebook.net
connect.facebook.net
99 KB
2 truehits.in.th
lvs2.truehits.in.th
4 KB
1 nr-data.net
bam.nr-data.net
274 B
1 nrich.ai
dsp.nrich.ai
489 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 adlooxtracking.com
p.adlooxtracking.com
3 KB
1 netacuity.com
global.cloud.netacuity.com
407 B
1 sonobi.com
sync.go.sonobi.com
849 B
1 rutarget.ru
google-sync.rutarget.ru
578 B
1 appier.net
a.c.appier.net
556 B
1 smartadserver.com
ssbsync.smartadserver.com
456 B
1 travelaudience.com
ads.travelaudience.com
611 B
1 linkedin.com
px.ads.linkedin.com
728 B
1 jquery.com
code.jquery.com
30 KB
1 googleapis.com
ajax.googleapis.com
30 KB
1 id5-sync.com
id5-sync.com
532 B
1 izooto.com
cdn.izooto.com
1 KB
1 u1sf.com
api.u1sf.com
407 B
1 googletagmanager.com
www.googletagmanager.com
42 KB
445 88
Domain Requested by
84 s.isanook.com www.sanook.com
s.isanook.com
36 simage2.pubmatic.com 2 redirects ads.pubmatic.com
33 cm.g.doubleclick.net 17 redirects eu-u.openx.net
googleads.g.doubleclick.net
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
www.sanook.com
20 tpc.googlesyndication.com www.sanook.com
securepubads.g.doubleclick.net
cdn.ampproject.org
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
20 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
14 image2.pubmatic.com ads.pubmatic.com
14 ib.adnxs.com 7 redirects www.sanook.com
acdn.adnxs.com
googleads.g.doubleclick.net
9 match.adsrvr.org 6 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
9 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
8 c1.adform.net 5 redirects eu-u.openx.net
ads.pubmatic.com
8 www.google.com 2 redirects www.sanook.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 t.pubmatic.com www.sanook.com
7 hbopenbid.pubmatic.com www.sanook.com
7 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.sanook.com
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
7 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
6 s0.2mdn.net www.sanook.com
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
s0.2mdn.net
6 sync.mathtag.com 6 redirects
6 graph.sanook.com s.isanook.com
6 bidder.criteo.com www.sanook.com
static.criteo.net
5 x.bidswitch.net 4 redirects ads.pubmatic.com
5 pixel.onaudience.com 4 redirects
5 match.prod.bidr.io 3 redirects ads.pubmatic.com
5 us-u.openx.net 2 redirects eu-u.openx.net
googleads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 avd.innity.com 1 redirects avd.innity.net
www.sanook.com
4 loadm.exelator.com 2 redirects
4 uipglob.semasio.net 2 redirects
4 visitor.fiftyt.com 4 redirects
4 pm.w55c.net 4 redirects
4 pixel.tapad.com 2 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 static.adsafeprotected.com fw.adsafeprotected.com
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.sanook.com
4 um.simpli.fi 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 bh.contextweb.com 3 redirects
3 ads.avads.net 3 redirects
3 a.tribalfusion.com 1 redirects ads.pubmatic.com
3 match.deepintent.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 match.adsby.bidtheatre.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ups.analytics.yahoo.com 2 redirects ads.pubmatic.com
3 mwzeom.zeotap.com ads.pubmatic.com
3 sync.crwdcntrl.net 3 redirects
3 image4.pubmatic.com ads.pubmatic.com
3 pixel.quantserve.com 3 redirects
3 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 a.teads.tv www.sanook.com
3 rtb-eu.andbeyond.media www.sanook.com
3 tencentth-d.openx.net www.sanook.com
3 htlb.casalemedia.com www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 www.google.de www.sanook.com
3 gum.criteo.com 1 redirects static.criteo.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sanook.com
3 sal.isanook.com www.sanook.com
3 static.criteo.net www.sanook.com
2 sync.ipredictive.com 2 redirects
2 rtb.gumgum.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.playground.xyz 2 redirects
2 aud.pubmatic.com
2 match.bnmla.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 trc.taboola.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 ad4m.at ads.pubmatic.com
2 green.erne.co 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 csync.loopme.me 2 redirects
2 dt.adsafeprotected.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.sanook.com
2 gu.dyntrk.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 ad.turn.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
2 dsp.adfarm1.adition.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 acdn.adnxs.com ads.pubmatic.com
2 img-as.fsanook.com www.sanook.com
securepubads.g.doubleclick.net
2 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
2 adservice.google.de securepubads.g.doubleclick.net
2 mug.criteo.com www.sanook.com
2 www.facebook.com www.sanook.com
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
1 notification.sanook.com www.sanook.com
1 ade.googlesyndication.com
1 bam.nr-data.net js-agent.newrelic.com
1 dsp.nrich.ai 1 redirects
1 js-agent.newrelic.com www.sanook.com
1 p.adlooxtracking.com www.sanook.com
1 global.cloud.netacuity.com www.sanook.com
1 sync.go.sonobi.com 1 redirects
1 google-sync.rutarget.ru 1 redirects
1 a.c.appier.net 1 redirects
1 a.rfihub.com www.sanook.com
1 p.rfihub.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 s.tribalfusion.com 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
1 code.jquery.com www.sanook.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 spl.zeotap.com 1 redirects
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 cdn.izooto.com s.isanook.com
1 api.u1sf.com s.isanook.com
1 stats.g.doubleclick.net www.sanook.com
1 www.googletagmanager.com www.sanook.com
1 www.sanook.com
445 128
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-27 -
2022-06-27
a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA
2020-09-14 -
2021-10-15
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA
2021-02-12 -
2022-02-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-04-14 -
2021-07-12
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
www.google.de
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA
2021-05-12 -
2022-05-17
a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA
2020-11-11 -
2021-12-12
a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA
2020-01-21 -
2022-03-16
2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2
2021-02-22 -
2022-03-26
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
teads.tv
R3
2021-06-14 -
2021-09-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-14 -
2021-08-14
a year crt.sh
*.id5-sync.com
R3
2021-06-01 -
2021-08-30
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.fsanook.com
DigiCert SHA2 Secure Server CA
2019-09-19 -
2021-12-22
2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4
2021-05-10 -
2022-06-11
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-09-22
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-22 -
2021-09-15
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
s.amazon-adsystem.com
Amazon
2020-08-28 -
2021-08-20
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
fw.adsafeprotected.com
Amazon
2020-09-09 -
2021-10-09
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-17 -
2021-08-09
3 months crt.sh
static.adsafeprotected.com
Amazon
2021-01-06 -
2022-02-04
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-04-22 -
2022-05-21
a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-18 -
2022-06-18
2 years crt.sh
*.cloud.netacuity.com
Amazon
2021-04-11 -
2022-05-10
a year crt.sh
p.adlooxtracking.com
GTS CA 1D4
2021-04-30 -
2021-07-30
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-05-21 -
2022-04-10
a year crt.sh
*.onaudience.com
Certyfikat SSL
2021-05-28 -
2022-05-28
a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2
2021-01-06 -
2022-02-07
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh

This page contains 70 frames:

Primary Page: https://www.sanook.com/
Frame ID: 3C05D93BA752A170C29B023598203C67
Requests: 193 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 1153AA14EB5491792181B37F3AA22F54
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: 60CCF4B19D946B94A38A59B715D48428
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE5B268026548EDD24171553BBBC4569
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 436BC52C14A0AF657E9FD9ACB5994C0A
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CA7025513D3642F03D93670CE168BEEF
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8C1E91FE52F8E4865B2550645184F458
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 596848880CD20B05CC081696E2CAED9D
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B9B7B2568D9DAD6C7F15D32B639C1CBE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82rgK6UPA6WrmV8Wf_nejjg8h2wJDkjbRbFo8tgyzHbFDdzd1_F7lRtakzVUlgMv5VxJ24OqsKREy5D-9dxpp3LxL6ovzrRZIeUOcwqa18eeIDnCJRVK3VgJSCkUedWeG-pwHatYWrARQ-ZzlZjEpiOr5P_XrJXWPZOcPgV4hK5hTXoU2wyIB0KJF_GrTHfTeLkbn7g48nthoMyH5iJRy0T3kt84-R0z3xOzHX0yasIg9dbVkkr5_eczXo_NVXQZ-SfawB1okXltx81_BZP8O77OQFuOW-WirJG20eni-C7MNsmb0pMSvhokeeNILmbDWXjwcNeRAMjo&sai=AMfl-YTRDVPTFkt2TTHVFmI2c2xIgJUKqSIjdpVEjqZeDnhmui8JWZeGK7nRXDLr3_x4Lb1bbEFvQuFE0x_MxeoC4xNzK5D0o6ISPjwFvrdXTr1Q36Unj_-fBa0KEA6Mtlhq&sig=Cg0ArKJSzOsEGln1pk8cEAE&urlfix=1&adurl=
Frame ID: 527E0810D2B9538DDBA0398F285862D4
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuN5DUbpKWd6TJSrL5bZ_e-oQlSeuzPsgUD2FR-rgTmqDaRNdjIqXiqrtEeFGKPrG6ElZwttH_AkW-CHmoG88qa0CIeSP-8nOJmJiO8RHVlwbtXdZKm_PP0x5J9oTq-J2aMPCzDvoW1QZwM7s6YyX4zCH1h-134RMZPAXUUWsPHKq6Ytv-SPKb4ShEOgbLwMfs6z9aKdECl7LQl5edBuvt0UUrcdxeJWCnpL3H6joJRF2e67kWqzTnTpfN1Lh99hsZxGETRT8JgiLRjd1YeHVPXJlTr2ims24WrhwWpbaD5K2uy1SUbBZPplPDrJnZsR5yFNFPc6ESHuPbLqM&sai=AMfl-YRUYIBRtYfYpIF1E4M2jS2WDVT8CytGaVtBL4s4KF4-y_oyfZoV6F09Lfrato_BXLWmXG4iTiRpbcZpVCnvu4f1p0vLxcTNf-PtgqUxLj_9er0-MPjTt6WY35G1GBM&sig=Cg0ArKJSzHv9DZEwbT4EEAE&urlfix=1&adurl=
Frame ID: 9E81CA2E1EAF0E60CD06828BD9BB0D97
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6489DE85BDB40E05FC5D7058F1FAE3D0
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 98624F898995DF581CA2A54A582FE087
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 95529A4C03C1FA730212CBD3C8B782A8
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B1B8604C14829945662BE54A4E37BE41
Requests: 10 HTTP requests in this frame

Frame: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E6684926DE5A4C0F81C4DE7B7A0BEA9
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNgoQjK7e7oJ0ps1uhJciZlbX7EzVaa7-ZQdobtBCw3GtZgiBmM8R3MMO76JLPgfe16vabzm8DivCNd_c_v8_0hSiQyBK3JNiyM6Bd2nJJF2kZScuCa2EOZvcxBwzLdRJQ8TwVPrcmcoKPR-qukeKjZMLypnNUnstbof3ZM_o5wMd4dVyW2WTmAm8s9OUfHe2KP4EsEYZaOWi-xe1JHBhS_UCjgxVgLFM8zf9cscx_I_1oGLJb5nmmJVLo1OX-zYShwvvAP0iY4seTucRd5JW7mf1XPKqR4Qy1SmRvccK6kXviEKluUBOjppmtVU8IxLD7C6A&sig=Cg0ArKJSzJ222hVtfXFOEAE&adurl=
Frame ID: 33C023EF9067E52CFDBCA0AE08D7B7A3
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF
Frame ID: B9C616402E8AB06AD7C4CE1B3B29D9D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
Frame ID: 2329AC2785BEBCF33F012D17E058F1AE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 28D90CE4E72E0EB5C1C6B5241EA11226
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
Frame ID: B171AC702410A6BECD924FDBF684859D
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2CAD09D037A549E6F98F9BEBF46470B0
Requests: 1 HTTP requests in this frame

Frame: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C20A82B54C50E14294FCF5143342892C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Frame ID: C6C5EE724F405F48F5D22EAB0823817F
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBjkrqPfRg33zXFMnH6vumDaoxtHrawU3EJtwvXkGdC3fOR0rphxGaIvzLOrS7xay655ufqosrGUjfN_Pq4JUexcGlqbVLIXNz5-x19QwdZsrP-RHEMriAkgoS3omjVXec0foHrxbkBpZJKoVlyO-POBEebSpEe0_DonmWrfWT6az8CvZwpTMoUw2w_JEFkNS2dsWkSbM_Ns8bCmvmIQa4gvzEddUXH4uHSnm4SjPjuvORdm4Nf4nhBcnTOTAQJ1dwRVEAF-h0F0JW-lDCqrcseR5V_Eg6gls3DxTlz2bHmnnHbig&sig=Cg0ArKJSzMeTS2BERxSxEAE&urlfix=1&adurl=
Frame ID: 92F15CABB277C5C18AB4D18A5DCC5A27
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Frame ID: CE14E94CD59BE3B2F8DFC59A9293697C
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
Frame ID: 547144CFBD66B7710FBF00FC6ADC1A40
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 875280620E46FDFAEA5DA8266B94F45B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 0E182A542F3F17F3564C0EF98F19DA28
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E01976674A62C7BE3B0332EA62365479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 621A6477ABEEBE2FAF4B521FAFEB3204
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DC8D51BD694BA698CD11770ECBD1A3B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F48A03FDD064006954DECEE0D6172922
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 42EDBF5FBF7A7752B780E47345DF05B7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: E00CD8F41966F83233EF527ABF6EAD6A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Frame ID: DBDA7F296D9B7E5F8A4DB72FBD1AF92D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
Frame ID: 4EF062C770C40630D104CDA2653A484F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 8306CC71362B8054AC76903C60A73316
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
Frame ID: EE391173286050FFEADDFF308C484A01
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
Frame ID: C95FD7C8737ABA4CD4D42B7BC40BADA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: CA8274DD3171A26F12724E6FF87AE6C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9850B5F9FCBC5FE3FD17395713A6762F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 30F609AC540E3A8ED55DBD196B542AA9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Frame ID: 79D9F0C2555C357288D00BEC210D3780
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Frame ID: 524FED93FE10CE61C48EA7AE7CF8F813
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 2212079A7C4EECAFD5CACF60B2DE5B97
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4B9772E26ADD64D4D82DE58FB3AA5C88
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 90E1340CFCCFFBDD42944DC715FF72E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
Frame ID: 02461BD933D3F31E9DA27C4069A58F0A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D26FDFA80FC75AE2BD7189FC82D26710
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 048137FDE475FD1EACF702E937B7B403
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 335BA9DD87A1AE66E85D9D2A53FFBAF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
Frame ID: 78AC8DD8EAD54E4F18841DD095A95EDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Frame ID: B4EA1DE85DA9AAF39FC860FB18099A5D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Frame ID: 98B785ACA82145F5FFDFF62676133D23
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 024DAD6DC394000D5BFFBEC783364BE4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: B962359BA505E9634E2862ACCF7F8DDA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Frame ID: 6056896E21880B6E000A39FF880C6314
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Frame ID: 1D19EFBB492E3FBA4F71605EFECEB158
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 33C3ECB05B74FD41797CFFF6572F88AB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A95F8170C70DCBEE69DF95E7B8CA1E31
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 02F495C915C9A1F4E7E4FAD23D7C6723
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
Frame ID: D023A4510B6694A16FE4B89046441EBF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: A0014AEC75B5AB6743566A6D745B90D4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7E0CDF3D9F582411347F895E3066BD1E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 6CF25E2969BC707EA613787CA6441ACA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
Frame ID: 61FC495525C4D9EF4DF3E335063D6B0F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Frame ID: BAF7900FFB105560AF01DF83E4371618
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Frame ID: F8C49E1397324ED898329E66244B3044
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 6CFAC5135AE2A6477A35903B5E342E34
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

445
Requests

99 %
HTTPS

25 %
IPv6

88
Domains

128
Subdomains

86
IPs

14
Countries

3985 kB
Transfer

12156 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&sscte=1&crd=&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vN4opfby8TWChS45id81ps5mynAe6ToW6cA HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y
Request Chain 85
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Request Chain 89
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623943358480 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623943358480 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=1807299555491511333&type=cookie&itmcb=1623943358480 HTTP 302
  • https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
Request Chain 192
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
Request Chain 193
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
Request Chain 194
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
Request Chain 208
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
Request Chain 210
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
Request Chain 211
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rjZKJK70QUah2OkXu3g5zw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
Request Chain 214
  • https://pixel.onaudience.com/?partner=214&mapped=AE364A24-AEF4-4146-A1D8-E917BB7839CF HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=3c59c16a-1a06-4cb4-be13-f1834f838c79&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=3fff020ad3aeb4a2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzNjRBMjQtQUVGNC00MTQ2LUExRDgtRTkxN0JCNzgzOUNG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
Request Chain 218
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
Request Chain 219
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
Request Chain 220
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
Request Chain 221
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
Request Chain 223
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true
Request Chain 224
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMtowAAB4BFG9AA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 227
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 229
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 230
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 249
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&cm_dsp_id=85&ixi=1&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMtowX6-fDkfLuTo.m8DqwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Request Chain 250
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
Request Chain 254
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60cb68c155db9&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMtowX6-fDkfLuTo.m8DqwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Request Chain 297
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 298
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1
Request Chain 313
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
Request Chain 315
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5
Request Chain 328
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 329
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPPZE_GrIzrtp_t6KDjDZXk&google_cver=1&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5
Request Chain 330
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELXT67Y1z5Tuuk1hUs410nM&google_cver=1&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx
Request Chain 331
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Request Chain 332
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s
Request Chain 333
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKy_HT9X754iB58CvdCtUmg&google_cver=1&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D
Request Chain 334
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ HTTP 302
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ&av_tc=True HTTP 302
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw
Request Chain 337
  • https://fw.adsafeprotected.com/rfw/st/722837/54927600/skeleton.js?adsafe_url=https%3A%2F%2Fwww.sanook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f091177f-b027-386e-5353-567f607fc2a4,c:fOtaVH,sl:na,em:true,fr:false,mn:app05ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sABCQNm+11%7C121%7C122%7C123%7C124%7C125%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.722837-54927600%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1f2%7C1f3,idMap:1d*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:663,oid:dba2122f-cf7f-11eb-8352-02bf2b86cc68,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_970x250.js
Request Chain 341
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEIIz5Aw4ZIcg9Az7X1mytAw&google_cver=1&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y&google_hm=NTU0NjkxNzE3OTYxNTU2NjIxMg== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 342
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJ2NoYAdRQBUkEq5MFNnR5k&google_cver=1&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA
Request Chain 343
  • https://a.c.appier.net/gcm?google_gid=CAESEL5ooMy-duwDhXQ8Kr12aso&google_cver=1&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
Request Chain 344
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Request Chain 345
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEMqc9XIntouNY9GUOhWVClQ&google_cver=1&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c
Request Chain 346
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA
Request Chain 347
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE%26google_hm%3D%5BUID%5D&google_gid=CAESEEffduR2rR80SjovEtyXpM4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743
Request Chain 366
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
Request Chain 369
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
Request Chain 370
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
Request Chain 371
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
Request Chain 372
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
Request Chain 373
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 374
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
Request Chain 375
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
Request Chain 376
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=1ddc91a8-187f-4ea7-bd36-48da481362fd&expires=1&user_group=5&ssp=pubmatic&bsw_param=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 377
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
Request Chain 378
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACdl07BltIAADHiFrJ8dQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
Request Chain 379
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 380
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8LpOp72pR8KVluWsa-_FBw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 382
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjBCQTRFQTctQkRBOS00N0MyLTk1OTYtRTVBQzZCRUZDNTA3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
Request Chain 387
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
Request Chain 388
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 393
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 394
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7419099741 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Request Chain 395
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Request Chain 399
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
Request Chain 400
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 402
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 403
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
Request Chain 404
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Request Chain 405
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Request Chain 407
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Request Chain 408
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 410
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 411
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Request Chain 412
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
Request Chain 413
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
Request Chain 414
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Request Chain 415
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 417
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 418
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 419
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5263073156 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Request Chain 420
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Request Chain 423
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Request Chain 424
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
Request Chain 426
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
Request Chain 427
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 429
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 430
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
Request Chain 431
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Request Chain 432
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Request Chain 433
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1

445 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.sanook.com/
655 KB
44 KB
Document
General
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
2c003389936cf0796514f0d6dd1a6254e7cf80241452c93ce135c13401057872
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
HIT
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
0
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
styles.e0e44015.chunk.css
s.isanook.com/sr/0/_next/static/css/
35 KB
8 KB
Stylesheet
General
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.e0e44015.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 04:24:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 04:22:04 GMT
server
Lego Server
age
0
etag
W/"60c2e4ec-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3253967863699819155
accept-ranges
bytes
content-length
7608
expires
Sun, 11 Jul 2021 04:24:16 GMT
b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.e122f107.chunk.css
s.isanook.com/sr/0/_next/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://s.isanook.com/sr/0/_next/static/css/b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.e122f107.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5247882518870446213
accept-ranges
bytes
content-length
1707
expires
Sat, 17 Jul 2021 03:01:38 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/
1 KB
739 B
Script
General
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:30:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4456861139284919682
accept-ranges
bytes
content-length
548
expires
Sat, 10 Jul 2021 00:30:53 GMT
publishertag.js
static.criteo.net/js/ld/
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 18 Jun 2021 15:22:36 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/
375 B
494 B
Script
General
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4229368660577808802
accept-ranges
bytes
content-length
266
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/
0
0

aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MTMvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/
48 KB
48 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MTMvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0cdebf332d3618da868300642219a30c2c7b807728685b8986379a318ecf5fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:37:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9704448732454481573
accept-ranges
bytes
content-length
49303
expires
Sat, 17 Jul 2021 14:37:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU5NDkvaGgoMSkuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
8 KB
8 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU5NDkvaGgoMSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0517939adf31a748c050f6346b0b33a4f702b7cd49600c0dfb4664a67c965fc3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:13:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12680104328118780543
accept-ranges
bytes
content-length
8519
expires
Sat, 17 Jul 2021 03:13:34 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ2ODUvbmV3cHJvamVjdC0yMDIxLTA2LTE0dDE1MjcuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
7 KB
7 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ2ODUvbmV3cHJvamVjdC0yMDIxLTA2LTE0dDE1MjcuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
28fc16368231dc391eaf63180d2f3c469e8a8e8a8237121c9eca7b4285188c48

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17830982326303460875
accept-ranges
bytes
content-length
6766
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYxMTMvcF9zcG9ydC0yMDIxLTA2LTE3dDA4NDcxOS41LmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
7 KB
7 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYxMTMvcF9zcG9ydC0yMDIxLTA2LTE3dDA4NDcxOS41LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e8246b428a5957d64eca65688abc8ab94b252835cded7bc43ca1ad0db5b3666d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12598655647001952075
accept-ranges
bytes
content-length
7020
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNjEvMy5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
5 KB
5 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNjEvMy5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1db5deb58a44fcc8f03e499f735494523624ae54c8b710cdb3af91536e79de19

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
943973715651314486
accept-ranges
bytes
content-length
5431
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MDkvY29sbGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
5 KB
5 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjY0MDkvY29sbGFnZS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
57aad0eb32478aac681048ab9824a8b427c40d19e85897db861bb403f8f13c7b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3574380567058784662
accept-ranges
bytes
content-length
5366
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU3MzMvYWhyMGNobTZseTl6bG1senl3NXZiMnN1eTI5dGwuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
8 KB
8 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjU3MzMvYWhyMGNobTZseTl6bG1senl3NXZiMnN1eTI5dGwuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
35b684a020b50c10e1b42cc6d725b0a4db17190f26eb6a93ce8a9527dfc775c9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5155563371685744760
accept-ranges
bytes
content-length
8483
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYyNjkvaWtlYS1mcmFuY2UtZXNwb2luYWdlLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
6 KB
6 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYyNjkvaWtlYS1mcmFuY2UtZXNwb2luYWdlLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
822bd9d006dbb6645f5d81a7ecd887f2ac3b966c3ac98ef6c4e3964c5d568b15

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:07:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13181305171543617849
accept-ranges
bytes
content-length
6352
expires
Sat, 17 Jul 2021 14:07:24 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjUxMzcvdG5ob21lMTczLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
7 KB
7 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjUxMzcvdG5ob21lMTczLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a9b0042ee62511bb68c172c7281de2e2e392790dad297d85055e98be565930bc

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1791791341540624312
accept-ranges
bytes
content-length
7517
expires
Sat, 17 Jul 2021 13:05:33 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNDEvcGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
7 KB
7 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzNDEvcGFnZS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0a419d02e11deedca8f2782c692be6185d0f1e588d4d747d992323c9a2f1ff70

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:46:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-e7fKb4cXE2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9586012501154775118
accept-ranges
bytes
content-length
7121
expires
Sat, 17 Jul 2021 14:46:59 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjUvc3VwZXJyb2JvdHdhcnMzMCgxKS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/
8 KB
8 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjUvc3VwZXJyb2JvdHdhcnMzMCgxKS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
6da2d71f0662c4f3dfab496c7a7e5510cc2ceab4725452758669f68cd3ffc95a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:05:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17897306351427325249
accept-ranges
bytes
content-length
7787
expires
Sat, 17 Jul 2021 13:05:33 GMT
category.js
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/
627 KB
141 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/category.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f694d27b06b472d3776ce0fa1c5449e90ed98eaac957785afd6321e3ed4e1e04

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-9cbb2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1473059306492301862
accept-ranges
bytes
content-length
143700
expires
Sat, 17 Jul 2021 03:01:38 GMT
_app.js
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/
329 KB
71 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e4f23332d4748e331a4d57b5d6007ba7af36ca5bda105942ed74f68ce365f144

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-52584"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6777891473923322336
accept-ranges
bytes
content-length
72524
expires
Sat, 17 Jul 2021 03:01:38 GMT
webpack-c2835681ae534c98c119.js
s.isanook.com/sr/0/_next/static/runtime/
7 KB
3 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
aefa474da0458e44b73f36cee85fbcb2acd8bf5b571748f454c8a45161ba000f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-1a77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7512266034075117294
accept-ranges
bytes
content-length
3029
expires
Sat, 17 Jul 2021 03:01:38 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/
136 KB
45 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
2
etag
W/"60c30c39-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12893592859627111705
accept-ranges
bytes
content-length
46310
expires
Mon, 12 Jul 2021 10:03:38 GMT
23e5d2c346b06b9b422377979e9d2b603549eff2.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/23e5d2c346b06b9b422377979e9d2b603549eff2.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2858541267574609461
accept-ranges
bytes
content-length
2469
expires
Sat, 17 Jul 2021 03:01:38 GMT
5466013ee3cffe5a81a798f6d0b046865c48b9c3.72cd02f786ed330dfcb4.js
s.isanook.com/sr/0/_next/static/chunks/
7 KB
3 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5466013ee3cffe5a81a798f6d0b046865c48b9c3.72cd02f786ed330dfcb4.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6640209789358359330
accept-ranges
bytes
content-length
2559
expires
Sat, 17 Jul 2021 03:01:38 GMT
44926a7f1e8cb8f1946a9c35158bbb3821565aa9.f730df8e8b37583cb0b9.js
s.isanook.com/sr/0/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/44926a7f1e8cb8f1946a9c35158bbb3821565aa9.f730df8e8b37583cb0b9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:37:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
"60cab7f9-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16344534111472676981
accept-ranges
bytes
content-length
4709
expires
Sat, 17 Jul 2021 03:37:15 GMT
ec5612319a13e9c7fdfde79a1c6bbfecea985630.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/
47 KB
18 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ec5612319a13e9c7fdfde79a1c6bbfecea985630.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:32:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
48628
server
Lego Server
age
0
etag
W/"60cab7f9-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8254320922870505806
accept-ranges
bytes
content-length
17763
expires
Sat, 17 Jul 2021 03:32:42 GMT
94e5ba8261a97cca262d92b9023a9666455748f6.e4725ddb2c84cda01172.js
s.isanook.com/sr/0/_next/static/chunks/
150 KB
46 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/94e5ba8261a97cca262d92b9023a9666455748f6.e4725ddb2c84cda01172.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-2565e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5646124381316404426
accept-ranges
bytes
content-length
47008
expires
Sat, 17 Jul 2021 03:01:38 GMT
415cc29571e0b905875e9f49f07a94737275e6fa.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/
40 KB
14 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/415cc29571e0b905875e9f49f07a94737275e6fa.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9026140403043874964
accept-ranges
bytes
content-length
14572
expires
Sat, 17 Jul 2021 03:01:38 GMT
c0ac2e790aec42522b7f11570b55cbf546e9c466.af027d836b2282fda407.js
s.isanook.com/sr/0/_next/static/chunks/
39 KB
13 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/c0ac2e790aec42522b7f11570b55cbf546e9c466.af027d836b2282fda407.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-9da8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10455901454389842898
accept-ranges
bytes
content-length
12714
expires
Sat, 17 Jul 2021 03:01:38 GMT
6f6e240ca28cbb56fe1b285fe0abf22d032eb1f2.2ecb9e18e02fabaac6c7.js
s.isanook.com/sr/0/_next/static/chunks/
62 KB
19 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6f6e240ca28cbb56fe1b285fe0abf22d032eb1f2.2ecb9e18e02fabaac6c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:32:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
63749
server
Lego Server
age
0
etag
W/"60cab7f9-f905"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9490097081678601432
accept-ranges
bytes
content-length
18959
expires
Sat, 17 Jul 2021 03:32:42 GMT
d6577ecef0948e661ace853cdcf61a998c2aa83e.c74985a28258bd8a1ada.js
s.isanook.com/sr/0/_next/static/chunks/
18 KB
6 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d6577ecef0948e661ace853cdcf61a998c2aa83e.c74985a28258bd8a1ada.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ea97cb8133264d34a7c9a2969e45ea82b20956ec88c1b8bb4892fda102f4c6f7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-49e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16846495063515907402
accept-ranges
bytes
content-length
6105
expires
Sat, 17 Jul 2021 03:01:38 GMT
f1311e74398f87b1995111810d08c1a388413b11.d43661cb11d428343663.js
s.isanook.com/sr/0/_next/static/chunks/
19 KB
7 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f1311e74398f87b1995111810d08c1a388413b11.d43661cb11d428343663.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
313bc1d183c3afddcbdbcc4974b7b52a294d6048abfbf22f8f458eb07f5f68ec

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 06:15:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
age
3478
ntcoent-length
19676
content-length
6943
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
etag
"60cab7f9-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7000612326228486150
accept-ranges
bytes
expires
Sat, 17 Jul 2021 06:15:13 GMT
bb0f87cd0590ddc521e0b30df44ada9e80d6f874.25b32f2bf3ce9d3af029.js
s.isanook.com/sr/0/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/bb0f87cd0590ddc521e0b30df44ada9e80d6f874.25b32f2bf3ce9d3af029.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:32:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
age
13228
ntcoent-length
11793
content-length
3474
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
etag
"60cab7f9-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
112920516187679218
accept-ranges
bytes
expires
Sat, 17 Jul 2021 03:32:42 GMT
26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
s.isanook.com/sr/0/_next/static/chunks/
284 KB
55 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7a636173433040eaadd28a28bb7b07173bd735977615b9b783d25e915c231666

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-46fb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2782376987402718069
accept-ranges
bytes
content-length
56468
expires
Sat, 17 Jul 2021 03:01:38 GMT
c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js
s.isanook.com/sr/0/_next/static/chunks/
30 KB
7 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-776e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3908565483858929192
accept-ranges
bytes
content-length
7416
expires
Sat, 17 Jul 2021 03:01:38 GMT
styles.0ca305d73607ebe4ae5a.js
s.isanook.com/sr/0/_next/static/chunks/
107 B
302 B
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.0ca305d73607ebe4ae5a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:50:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:42 GMT
server
Lego Server
age
31531
etag
"60c9853e-6b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11291336690546564713
accept-ranges
bytes
content-length
107
expires
Fri, 16 Jul 2021 08:50:58 GMT
main-2908131e712561857f39.js
s.isanook.com/sr/0/_next/static/runtime/
13 KB
5 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 23:55:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
age
194264
ntcoent-length
13391
content-length
5063
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
etag
"60c30c3a-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7712774991501435788
accept-ranges
bytes
expires
Tue, 13 Jul 2021 23:55:14 GMT
d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
s.isanook.com/sr/0/_next/static/chunks/
251 KB
26 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
253085886166647418
accept-ranges
bytes
content-length
26020
expires
Sat, 17 Jul 2021 03:01:38 GMT
45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/
18 KB
5 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60cab7f9-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11714603566877961626
accept-ranges
bytes
content-length
5292
expires
Sat, 17 Jul 2021 03:01:38 GMT
a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
s.isanook.com/sr/0/_next/static/chunks/
13 KB
5 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8b64e9644f2f8cf98b093aec08032e56ebc4becf2b6768eaf24163a423dae655

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14439092674088503981
accept-ranges
bytes
content-length
4708
expires
Sat, 17 Jul 2021 03:01:38 GMT
433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2723583049871553667
accept-ranges
bytes
content-length
3936
expires
Sat, 17 Jul 2021 03:01:38 GMT
837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
s.isanook.com/sr/0/_next/static/chunks/
212 KB
47 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a3efab061ef483ca4d6d0ead3c0b415ddba24a57d55366f89738c12b5da174b8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6488922155325296077
accept-ranges
bytes
content-length
48378
expires
Sat, 17 Jul 2021 03:01:38 GMT
d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/
15 KB
4 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2470396783629298596
accept-ranges
bytes
content-length
3643
expires
Sat, 17 Jul 2021 03:01:38 GMT
37788c12fde364d8af75326163b9cf5da35807cb.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/
34 KB
8 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/37788c12fde364d8af75326163b9cf5da35807cb.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15441946227092921485
accept-ranges
bytes
content-length
8443
expires
Sat, 17 Jul 2021 03:01:38 GMT
46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60cab7f9-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13523009870366437998
accept-ranges
bytes
content-length
2659
expires
Sat, 17 Jul 2021 03:01:38 GMT
1b91c73627dbf66500087ebd556769da2d95a350.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/
29 KB
6 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1b91c73627dbf66500087ebd556769da2d95a350.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
203396453251767700
accept-ranges
bytes
content-length
5530
expires
Sat, 17 Jul 2021 03:01:38 GMT
b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.d78986082232a551f17b.js
s.isanook.com/sr/0/_next/static/chunks/
52 KB
15 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/b0367955a9a22d497ae9f047ae41e4de2ed7a4ff.d78986082232a551f17b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-d1e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17082854682988572553
accept-ranges
bytes
content-length
15077
expires
Sat, 17 Jul 2021 03:01:38 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/
5 KB
2 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13fddc04b2c9562fc41facd921cdf8eeace3f4e7f954374f3934cfad44a880bb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
4893
server
Lego Server
age
13215
etag
W/"60cab7fa-131d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5575208248890660196
accept-ranges
bytes
content-length
1744
expires
Sat, 17 Jul 2021 03:01:38 GMT
oppa.js
p3.isanook.com/sh/0/js/
537 B
496 B
Script
General
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17157670079539212835
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
s.isanook.com/sr/0/js/izooto/
120 KB
34 KB
Script
General
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 01:22:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
122756
server
Lego Server
age
204068
etag
W/"PSA-aj-4UqXOPMF_n"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16804102574140160611
accept-ranges
bytes
content-length
34490
expires
Sat, 10 Jul 2021 01:07:17 GMT
gtm.js
www.googletagmanager.com/
134 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3db55ba67b886a7c0d4f317b266a3f19f5aff866f08f7978a739c6bcd76c9811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43089
x-xss-protection
0
last-modified
Thu, 17 Jun 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 17 Jun 2021 15:22:36 GMT
d0004449.js
lvs2.truehits.in.th/dataa/
8 KB
3 KB
Script
General
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:36 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
Last-Modified
Thu, 17 Jun 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
a875f263-4f2f-4c88-8fc4-3d81345d1470
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2946
Expires
Thu, 24 Jun 2021 15:22:36 GMT
a102.js
sal.isanook.com/js/
23 KB
10 KB
Script
General
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
24035
date
Thu, 17 Jun 2021 15:22:38 GMT
content-encoding
gzip
last-modified
Mon, 10 Aug 2020 09:23:14 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10300
expires
Sat, 17 Jul 2021 15:22:38 GMT
fbevents.js
connect.facebook.net/en_US/
94 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24517
x-xss-protection
0
pragma
public
x-fb-debug
0zwgGsa4VzgnZskC6G37dosFh1hg8PY1F0gsZfnXxAJkSFpN+QCLahjm2G4YmpLAoWq6U0ENne9joTWSbd3XmA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 17 Jun 2021 15:22:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/
6 KB
6 KB
Image
General
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:12 GMT
server
Lego Server
age
25652
etag
W/"60c9855c-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4677114787578700223
accept-ranges
bytes
content-length
5683
expires
Fri, 16 Jul 2021 08:52:31 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/
4 KB
5 KB
Image
General
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:46 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:59 GMT
server
Lego Server
age
3806
etag
W/"60c9854f-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1908276189357906616
accept-ranges
bytes
content-length
4410
expires
Fri, 16 Jul 2021 08:52:46 GMT
covid-bg.png
s.isanook.com/sr/0/images/events/2020/covid2019/
3 KB
3 KB
Image
General
Full URL
https://s.isanook.com/sr/0/images/events/2020/covid2019/covid-bg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 04:33:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:30 GMT
server
Lego Server
age
0
etag
"60cab7fe-c8d"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7958823342607296525
accept-ranges
bytes
content-length
3213
expires
Sat, 17 Jul 2021 04:33:36 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/
34 KB
34 KB
Font
General
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 03:42:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 03:31:26 GMT
server
Lego Server
age
0
etag
"60c2d90e-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
7094828905879167802
accept-ranges
bytes
content-length
34924
expires
Sun, 11 Jul 2021 03:42:53 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/
31 KB
31 KB
Font
General
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 03:54:10 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 09 Jun 2021 04:46:45 GMT
server
Lego Server
age
194970
etag
"60c047b5-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1402484836891093119
accept-ranges
bytes
content-length
31376
expires
Sat, 10 Jul 2021 03:54:10 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/
31 KB
32 KB
Font
General
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 08:52:01 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:49 GMT
server
Lego Server
age
160291
etag
"60c30c3d-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6018129574134965110
accept-ranges
bytes
content-length
32244
expires
Wed, 14 Jul 2021 08:52:01 GMT
1489944661112333
connect.facebook.net/signals/config/
261 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75784
x-xss-protection
0
pragma
public
x-fb-debug
gyK1LuAOyEI6KyCbcc47oGFtvf1vQuVpLn/WeQSqTTqt6lLFp692oKe1OcVpKDlIJ40O2XggihA19dTmTKg6CA==
x-frame-options
DENY
date
Thu, 17 Jun 2021 15:22:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
goggen.php
lvs2.truehits.in.th/
91 B
441 B
Image
General
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=yA1RX46rXb%2bDzXMUH/wxfQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=44CE3C16.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
no-cache
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
d5bfcec0-48b9-450b-941b-11273ba969c2
Connection
keep-alive
Content-Type
image/jpeg
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/
2 MB
195 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:13:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1896b8-5c44bd063c1a9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=57539
accept-ranges
bytes
content-type
text/javascript
content-length
198970
expires
Fri, 18 Jun 2021 07:21:36 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1440
date
Thu, 17 Jun 2021 14:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 17 Jun 2021 16:58:37 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a38be1af053ab88f66edd53f84ef3df0d69c2447ccb801d17d62ee74e03fcf2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14001
x-xss-protection
0
server
cafe
etag
14997771784825138903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 15:22:37 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1623943357331&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623943357329.804690212&it=1623943357187&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 17 Jun 2021 15:22:37 GMT
js
www.google-analytics.com/gtm/
93 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=343587080.1623943357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c07d8d1de782177a97372172e2c5dfed7946b584afe569e2353fb158715743dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36999
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:37 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1623943357377&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6f4edf42f57ab049ff5c1e111189c998762737248dca9a5556ef97cc2210ea67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1007499765/
0
0
Image
General
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1623943357377&cv=9&fst=1623943357377&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1623943357419&cv=9&fst=1623943357419&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
6ab30c05860dc5426ee66e700ae6c5a5ede1ac7d4432b6580f93661f33994ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1469068318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=11989492&gjid=962888306&cid=343587080.1623943357&tid=UA-8147095-6&_gid=1289261235.1623943357&_r=1&gtm=2wg6g0PNXLXRS&cd4=0&cd12=1623943357437.aov8fcurg&cd22=firstpage&cd23=indexpage&z=835249059
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638::1c , France, ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1655
date
Thu, 17 Jun 2021 15:22:36 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm...
350 B
633 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN (),
Reverse DNS
Software
/
Resource Hash
7b0f134d3c5fc97ef8feb1488957d50fb3fe61134848ad8c7e4a292c73d1071a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 17 Jun 2021 15:22:37 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2378
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 17 Jun 2021 15:22:37 GMT
location
https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1679
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/
63 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1923d80074cb1c0adebc7cf62681da3dc1502b06f7f8b03ddcd8d20a7d6047b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"905 / 452 of 1000 / last-modified: 1623928601"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21551
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:37 GMT
collect
stats.g.doubleclick.net/j/
4 B
433 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&gjid=962888306&_gid=1289261235.1623943357&_u=aGDAAEACQAAAAC~&z=1826674090
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 17 Jun 2021 15:22:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=1629577150&cv=9&fst=1623943357377&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1490695029.1623943357&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=vWjLYJbfGojt3gOVwJ74Aw&cid=CAQSKQCNIrLMiHw3hTN2xoGVsoqsuwD11mtoK5qzdxu_425sscOFTARLf8af&eitems=ChAI8OWrhgYQ3uPf_fvSz8xmEh0Aus-vNwkQ3lV373667WzkKonOpWeVE-DYgi6XxA&random=1292834463&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/408516141/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1623943357419&cv=9&fst=1623942000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1115957460&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/
42 B
569 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1623943357419&cv=9&fst=1623942000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1115957460&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021061502.js
securepubads.g.doubleclick.net/gpt/
326 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
4ecfa657a94c57109985f7d07882a68936fe311340910a2f592ebd80a1c82906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 21:12:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116908
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:37 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&_u=aGDAAEACQAAAAC~&z=906960327
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=343587080.1623943357&jid=11989492&_u=aGDAAEACQAAAAC~&z=906960327
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.82.63 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:08:19 GMT
via
1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
EeomdudhF_GIjUhCmWwHAcqmYk-FxKXFzS2kzDm743fZK_QinxTf-w==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/
8 KB
4 KB
Script
General
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2507993
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Fri, 16 Jul 2021 16:02:30 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=stCIh3xYRTIxY3F1ak5xZGtIQkRCK1BBVjhMWUpwZFNHZ1FETkdsMnJ3U1pDSXBsVGNuMHJRSnkySjFwYU9KcTc3bzlnV1g1T01EVElwUkdoN00vdElGZjVEaDIrQmJKUEJ4ekJKUFVRRmphMVVDVjBEejZRVnYvUHVjYm11aHBYSDVsZEUvay9nRXJodmdhd0RDUHFQQ3VHclpYQjBlalIrYTRNV25ZRFRENVljQUFMQmpoaUMzMEVYMU1aYjJMc05rWDBRYitVSDJNZlo1dVlQU0RFU1prZWZQT1R0bVJsT3RnbE9yTHBnQUdaSDVZPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
862
date
Thu, 17 Jun 2021 15:22:37 GMT
content-encoding
gzip
vary
Accept-Encoding
dc.js
avd.innity.net/lib/
20 KB
7 KB
Script
General
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2497874
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Fri, 16 Jul 2021 13:13:51 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/
8 KB
3 KB
Script
General
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2439688
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Thu, 15 Jul 2021 21:04:05 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8...
64 B
328 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.82.63 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:37 GMT
via
1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
5TL-pbziEiLn_TpybLj1LgVGcYOpAC_rcQaiyUYsj8sHwJSEA8clQg==

Redirect headers

date
Thu, 17 Jun 2021 15:22:37 GMT
via
1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623943357720&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
content-length
433
x-amz-cf-id
ZCUI3nDqOcN30FO6xvx0fCxFtZnSvrLi4ObBq9hADVxykpjoRxPIYw==
/
avd.innity.com/dc/cb/
59 B
724 B
Script
General
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache /
Resource Hash
b48893b6aa61aa39b43f18ef69b68f3b160c0e4372edd8f05c078b7025bfb93f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 15:22:38 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
application/javascript
Content-Length
77
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
www.facebook.com/tr/
0
15 B
Ping
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryg0KRaiQgjAobe8dX

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 17 Jun 2021 15:22:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
/
avd.innity.com/dc/
43 B
604 B
Image
General
Full URL
https://avd.innity.com/dc/?cl=225&cuid=ad65656fd510226007c7023f3585bc61&cb=1623943358479&douid=&sess=36700016.225.1623943358478&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:38 GMT
Last-Modified
Thu, 17 Jun 2021 15:22:38 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/bounce/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623943358480
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623943358480
  • https://avd.innity.com/sync/?partner=appnexus&token=1807299555491511333&type=cookie&itmcb=1623943358480
  • https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
43 B
471 B
Image
General
Full URL
https://avd.innity.com/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
Last-Modified
Thu, 17 Jun 2021 15:22:40 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Location
/bounce/?%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D1807299555491511333%26type%3Dcookie%26itmcb%3D1623943358480
Date
Thu, 17 Jun 2021 15:22:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
avd.innity.com/sync/
43 B
471 B
Image
General
Full URL
https://avd.innity.com/sync/?partner=innity&token=ad65656fd510226007c7023f3585bc61&type=cookie&itmcb=1623943358480
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
Last-Modified
Thu, 17 Jun 2021 15:22:40 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/
376 KB
106 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 01:35:55 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
0
etag
W/"60c30c3a-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10361906997590205480
accept-ranges
bytes
content-length
108222
expires
Wed, 14 Jul 2021 01:35:55 GMT
a7e7d9dd.29101f59d4b366d42e27.js
s.isanook.com/sr/0/_next/static/chunks/
276 KB
64 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.29101f59d4b366d42e27.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
283103
server
Lego Server
age
2
etag
W/"60c30c39-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5586701377593692107
accept-ranges
bytes
content-length
65434
expires
Mon, 12 Jul 2021 10:03:38 GMT
JooxPlayer.67af19cc9c9f7e92c734.js
s.isanook.com/sr/0/_next/static/chunks/
259 KB
89 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.67af19cc9c9f7e92c734.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 23:45:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:41 GMT
server
Lego Server
age
0
etag
W/"60c9853d-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15370186673890680397
accept-ranges
bytes
content-length
90368
expires
Fri, 16 Jul 2021 23:45:39 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 1153
236 B
414 B
Document
General
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Thu, 17 Jun 2021 15:21:55 GMT
x-page-speed
1.13.35.2-0
cache-control
no-cache, max-age=0
age
44
accept-ranges
bytes
server
Lego Server
x-cache-lookup
Cache Miss Hit From Inner Cluster
content-encoding
gzip
content-length
192
x-nws-log-uuid
5015762079360606438
/
api.u1sf.com/geoip2/code/
160 B
407 B
Script
General
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1623943359218_28986
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c76aa74fc08c45ae98eaa0cead7285158e34df8a.db1b049ee320c7a7c3f9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.198 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
/
Resource Hash
1e05c513890dfe5ed032afd2ef6aa8621f8cc1cd231b3094472cfa795d01b4f2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Thu, 17 Jun 2021 15:22:40 GMT
Age
0
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
160
116.7de05d8ed63e34b7489e.js
s.isanook.com/sr/0/_next/static/chunks/
301 KB
98 KB
Script
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/116.7de05d8ed63e34b7489e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-c2835681ae534c98c119.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 05:51:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 16 Jun 2021 04:59:42 GMT
server
Lego Server
age
0
etag
W/"60c9853e-4b31f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
9436582284237518688
accept-ranges
bytes
content-length
99853
expires
Fri, 16 Jul 2021 05:51:14 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/
142 B
322 B
Fetch
General
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13532861
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 01:17:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
142
server
Lego Server
age
0
etag
"5f9f831b-8e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-nws-log-uuid
9736786333918209788
accept-ranges
bytes
content-length
109
expires
Sat, 17 Jul 2021 01:17:26 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=71964507749
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/
0
115 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=29897482388
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
latest.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/
116 B
348 B
XHR
General
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/latest.json?1623943359219
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
df5748b46d35365a88c5de066e301538b0326e3ec1324300bfa160cc26abfdc2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
x-cache-lookup
Cache Miss, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 15:15:05 GMT
server
Lego Server
age
0
etag
"60cb66f9-74"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10874576605446412402
accept-ranges
bytes
content-length
116
expires
Sat, 17 Jul 2021 15:22:39 GMT
ico-policy-2.svg
s.isanook.com/sr/0/images/icon/
994 B
1 KB
Image
General
Full URL
https://s.isanook.com/sr/0/images/icon/ico-policy-2.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:12 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:58 GMT
server
Lego Server
age
27520
etag
W/"60c9854e-3e2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
13877502613606868662
accept-ranges
bytes
content-length
994
expires
Fri, 16 Jul 2021 08:52:12 GMT
/
graph.sanook.com/
18 KB
3 KB
Fetch
General
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
0d5a51d1cfd4c9c94ea57f6c8f1706883b9303735fffb5f72b229d5493417fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 17 Jun 2021 15:22:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
x-newrelic-app-data
PxQDWFFXAAATUVFSBAgEV1MTGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0tDTgcdB0hVBQUGWlBXWwBbAVsBAQ0LC0kbUAlQClJGGhVWXgIIAAhTVAMEUgZXVBMaVQMKEAdt
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame
0
0
Preflight
General
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:40 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
c
sal.isanook.com/sa/
35 B
167 B
Image
General
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=539772019&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=470544314.1623943359&tid=SA-8147095-6&cd4=0&cd8=b&z=1778191641
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
server
nginx
content-type
image/gif
cache-control
no-cache, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
35
expires
Thu, 01 Jan 1970 00:00:01 GMT
entry.js
s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/
0
10 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/common/entry.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:26 GMT
server
Lego Server
age
0
etag
W/"60cab7fa-9c11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
875839063268966968
accept-ranges
bytes
content-length
9914
expires
Sat, 17 Jul 2021 03:01:40 GMT
d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
s.isanook.com/sr/0/_next/static/chunks/
0
26 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d372a20dd6399737a3982f419ebce0d9daad53dd.ba405c7daaf7facffe5c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14021372230495716865
accept-ranges
bytes
content-length
26020
expires
Sat, 17 Jul 2021 03:01:38 GMT
45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/45232adf18d555e6562ceb65eb7ebe49cf9cb2a5.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60cab7f9-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13278893679003751034
accept-ranges
bytes
content-length
5292
expires
Sat, 17 Jul 2021 03:01:38 GMT
a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
s.isanook.com/sr/0/_next/static/chunks/
0
5 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a1964d9b6eef054f5f4f7db732d26a0919314bbb.115e3508778f913c00c1.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
733539459380267830
accept-ranges
bytes
content-length
4708
expires
Sat, 17 Jul 2021 03:01:38 GMT
433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/
0
4 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/433412772918bb56dd724f6b94a3198d9bb3fad3.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15541007571414454761
accept-ranges
bytes
content-length
3936
expires
Sat, 17 Jul 2021 03:01:38 GMT
837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
s.isanook.com/sr/0/_next/static/chunks/
0
47 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/837d53774411f89c4549ad5294bd3a0758eedd3c.78f6cbab28a8952b6e66.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6467218478745905015
accept-ranges
bytes
content-length
48378
expires
Sat, 17 Jul 2021 03:01:38 GMT
d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/
0
4 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d79bfb941bed20e52f2717b0a2e1d1492384fa96.6fe0d2db4ad1278b3e1b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14333340930716525696
accept-ranges
bytes
content-length
3643
expires
Sat, 17 Jul 2021 03:01:38 GMT
46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/
0
3 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/46a0bbc5aecc4709930df957530a48c8bc680d40.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60cab7f9-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17396924592732227245
accept-ranges
bytes
content-length
2659
expires
Sat, 17 Jul 2021 03:01:38 GMT
ffdaf678930dc5d9f5a44b4ea5ab5521d66095a9.0d563f91b1e6dae195d3.js
s.isanook.com/sr/0/_next/static/chunks/
0
4 KB
Other
General
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ffdaf678930dc5d9f5a44b4ea5ab5521d66095a9.0d563f91b1e6dae195d3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 03:01:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 02:48:25 GMT
server
Lego Server
age
0
etag
W/"60cab7f9-474f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14062820703426937785
accept-ranges
bytes
content-length
4248
expires
Sat, 17 Jul 2021 03:01:40 GMT
cygnus
htlb.casalemedia.com/
25 B
682 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2212e37181ee3779b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22136049b5eb7cb74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
788113b5149e8260aecd7fc881e07f3be400bf8ae53f04135f54d46e0d9d5d17

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
43
x-ak-client-geo
12
expires
Thu, 17 Jun 2021 15:22:39 GMT
arj
tencentth-d.openx.net/w/1.0/
172 B
559 B
XHR
General
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=24039288-1798-4edf-807b-f4456702811c&nocache=1623943359557&aus=300x250&divIds=rgpt-recb-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
ae0940a8bbb0d579de4f4cdfb221b8addc01275d7d1327c06e00689f42a22c29

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
rtb-eu.andbeyond.media/
0
266 B
XHR
General
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e6a40ab2403813d5a0a4eaa2156a8514276bff4df070c9211e10960151878276
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:39 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid
10b41a30-4cf9-4912-a43c-97bffc500233
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/
16 B
362 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 17 Jun 2021 15:22:39 GMT
events
bidder.criteo.com/csm/
0
187 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
303 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 12 Jun 2022 15:22:39 GMT
pixel.gif
static.criteo.net/images/
43 B
303 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 12 Jun 2022 15:22:39 GMT
cdb
bidder.criteo.com/
144 B
397 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=30510815678
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
afab4cddb39ebfcfd288a219afa7f3d2713c0f23c7469506b235b9a90a8ebd31

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
148
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
8 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=4006038205094527&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359635&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=345054422&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
56350012a78fa8493bcb38fe6e0e06a29c70582ed2ab2d45a6babdef2b195c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4377
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
9 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=142233099096013&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359645&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2209700283&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=132&ohw=130&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
16b6712bb0e8b96ef51ee1898e487bbf652b4ac82436e77efb82bbd73106cbbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5123
x-xss-protection
0
google-lineitem-id
5610434112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339427655
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
468 B
430 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=2565508784608742&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cthemead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359652&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=362149050&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
170c0ad9b955a9af6dc766e12b8a199e45d9d58769ed8114774720fb147f74b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/
173 B
361 B
XHR
General
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9fe99334-e563-4363-b412-95e0ffdbb47f&nocache=1623943359662&aus=1130x250%2C1090x250%2C970x250%2C1x1&divIds=rgpt-billboard-6&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
9cdfcda365e1b66d3f880c979ac8cdc83e178cef320c33c75f53b55f3e3c1c18

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/
32 B
300 B
XHR
General
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
cygnus
htlb.casalemedia.com/
25 B
602 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223172be0464ad2e3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22328651b25c92cb2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22336baf933e80bea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223484b8bed28dd2a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235f27dea3ad560f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07a4456a253eafbae8ca967f6d8d80c531d8140f55b767aabf9bfcc32255a381

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 17 Jun 2021 15:22:39 GMT
bid-request
a.teads.tv/hb/
16 B
247 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 17 Jun 2021 15:22:39 GMT
events
bidder.criteo.com/csm/
0
187 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 60CC
2 KB
1 KB
Document
General
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.izooto.com
:scheme
https
:path
/scripts/sak/iz_setcid.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-type
text/html; charset=UTF-8
last-modified
Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection
1; mode=block
cf-cache-status
HIT
age
2139498
expires
Sun, 18 Jul 2021 15:22:39 GMT
cache-control
public, max-age=2678400
cf-request-id
0abc2a44e4000005d4822ce000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
660d464e3d4e05d4-FRA
content-encoding
br
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE5B
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=122552
expires
Sat, 19 Jun 2021 01:25:11 GMT
date
Thu, 17 Jun 2021 15:22:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 436B
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=122552
expires
Sat, 19 Jun 2021 01:25:11 GMT
date
Thu, 17 Jun 2021 15:22:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CA70
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=122552
expires
Sat, 19 Jun 2021 01:25:11 GMT
date
Thu, 17 Jun 2021 15:22:39 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8C1E
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=122552
expires
Sat, 19 Jun 2021 01:25:11 GMT
date
Thu, 17 Jun 2021 15:22:39 GMT
vary
Accept-Encoding
617.json
id5-sync.com/g/v2/
213 B
532 B
XHR
General
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6c44405ab70a28ddb28bb5930646a069e59076fcd530ac435f6350f14a1ead72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Thu, 17 Jun 2021 15:22:48 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
77 B
823 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4145b1c3dc67dbf7e7633324f42330d2467ccb902d874494695567ca2dac42f0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.30.201
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/
109 B
543 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN (),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
be5f112e2769401e53cb3336a1ff34d48469c5b2a8a2f3940ae41c725bd0d19d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 17 Jul 2021 15:22:39 GMT
2021-06-17.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/
35 KB
5 KB
XHR
General
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/2021-06-17.json?1623943359219
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cc139102469d1642b0d6deb4bbdb6ac89a2ba409d24c24a96ed6bfd288072c9a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Hit From Inner Cluster
last-modified
Thu, 17 Jun 2021 15:15:05 GMT
server
Lego Server
age
0
etag
"60cb66f9-8b26"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12836795391146496623
accept-ranges
bytes
expires
Sat, 17 Jul 2021 15:22:39 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b02098980576153147ea9762d8aeaaec7447decca7bddc419a1e7b333583de46
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:39 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
35541c9a-f538-47f3-8400-206ebe93acaa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/
25 B
602 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224736102eb8f31b6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22484b5cf66338d5c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22496a49c42e0a448%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250fb39a5b4590ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
99d6a9fabcf841ba995fe8b71f1c9c1e960f6df646a0e73cbdd08fb1f8913e69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.158], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Thu, 17 Jun 2021 15:22:39 GMT
arj
tencentth-d.openx.net/w/1.0/
173 B
357 B
XHR
General
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2f50c01f-d463-447b-b9aa-0b8ff13a902a&nocache=1623943359737&aus=300x250%2C257x240%2C300x125&divIds=rgpt-reca-8&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
97dd2b26c7e555d537095fb4147d2d8cf99fd87e8135246b92dbfa1acb62d913

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/
16 B
247 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 17 Jun 2021 15:22:39 GMT
hb
rtb-eu.andbeyond.media/
0
266 B
XHR
General
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:39 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/
0
187 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN (),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Thu, 17 Jun 2021 15:22:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/
40 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=2152303294896701&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cnative1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=257x240&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623943359&dt=1623943359761&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1088&adys=1797&adks=2250919550&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=257x0&msz=257x0&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
97072232e06c3504d24e712480dc926fedf5c77a8c23737c673982ebcb725540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10223
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 5968
668 B
723 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
1acc2adcaf6ce530c15df6381743228c4f04c87001bec4e9f2b5fb9bd7f4ac08

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=497fa801-dbaa-0d8d-34a4-290f41306f18|1623943359
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=497fa801-dbaa-0d8d-34a4-290f41306f18|1623943359; Version=1; Expires=Fri, 17-Jun-2022 15:22:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623943359|gekin0vNiygu; Version=1; Expires=Fri, 02-Jul-2021 15:22:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 17 Jun 2021 15:22:39 GMT
content-type
text/html
content-length
411
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame B9B7
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 17 Jun 2021 15:22:39 GMT
Content-Length
1151
Connection
keep-alive
view
securepubads.g.doubleclick.net/pcs/ Frame 527E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst82rgK6UPA6WrmV8Wf_nejjg8h2wJDkjbRbFo8tgyzHbFDdzd1_F7lRtakzVUlgMv5VxJ24OqsKREy5D-9dxpp3LxL6ovzrRZIeUOcwqa18eeIDnCJRVK3VgJSCkUedWeG-pwHatYWrARQ-ZzlZjEpiOr5P_XrJXWPZOcPgV4hK5hTXoU2wyIB0KJF_GrTHfTeLkbn7g48nthoMyH5iJRy0T3kt84-R0z3xOzHX0yasIg9dbVkkr5_eczXo_NVXQZ-SfawB1okXltx81_BZP8O77OQFuOW-WirJG20eni-C7MNsmb0pMSvhokeeNILmbDWXjwcNeRAMjo&sai=AMfl-YTRDVPTFkt2TTHVFmI2c2xIgJUKqSIjdpVEjqZeDnhmui8JWZeGK7nRXDLr3_x4Lb1bbEFvQuFE0x_MxeoC4xNzK5D0o6ISPjwFvrdXTr1Q36Unj_-fBa0KEA6Mtlhq&sig=Cg0ArKJSzOsEGln1pk8cEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 527E
63 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
d14abb44a7716fc2800014e868021b15da2b75db9703de98e54ed31de56a4241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"905 / 757 of 1000 / last-modified: 1623928601"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21761
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 527E
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:39 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842926269324"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9E81
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuN5DUbpKWd6TJSrL5bZ_e-oQlSeuzPsgUD2FR-rgTmqDaRNdjIqXiqrtEeFGKPrG6ElZwttH_AkW-CHmoG88qa0CIeSP-8nOJmJiO8RHVlwbtXdZKm_PP0x5J9oTq-J2aMPCzDvoW1QZwM7s6YyX4zCH1h-134RMZPAXUUWsPHKq6Ytv-SPKb4ShEOgbLwMfs6z9aKdECl7LQl5edBuvt0UUrcdxeJWCnpL3H6joJRF2e67kWqzTnTpfN1Lh99hsZxGETRT8JgiLRjd1YeHVPXJlTr2ims24WrhwWpbaD5K2uy1SUbBZPplPDrJnZsR5yFNFPc6ESHuPbLqM&sai=AMfl-YRUYIBRtYfYpIF1E4M2jS2WDVT8CytGaVtBL4s4KF4-y_oyfZoV6F09Lfrato_BXLWmXG4iTiRpbcZpVCnvu4f1p0vLxcTNf-PtgqUxLj_9er0-MPjTt6WY35G1GBM&sig=Cg0ArKJSzHv9DZEwbT4EEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E81
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:39 GMT
/
graph.sanook.com/
2 KB
1 KB
Fetch
General
Full URL
https://graph.sanook.com/?operationName=getJooxBannersQuery&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%229d7bf40fa4e39e4e741ae8d00d5c35059c84ee45%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
346b47cc32af221672e98b0ec2811bc32b5cc578fe7de77118d80e1cd6d3e294
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 17 Jun 2021 15:22:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame
0
0
Preflight
General
Full URL
https://graph.sanook.com/?operationName=getJooxBannersQuery&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%229d7bf40fa4e39e4e741ae8d00d5c35059c84ee45%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:40 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
21a7bda6-7e0f-4297-9e46-1c3f7822ed96
https://www.sanook.com/
31 B
0
Other
General
Full URL
blob:https://www.sanook.com/21a7bda6-7e0f-4297-9e46-1c3f7822ed96
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
ads
securepubads.g.doubleclick.net/gampad/
15 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=3971575866882168&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250%7C1x1&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360034&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=75&adks=2010139517&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a6bcc9a15c4f7b2e65d2b24ef72efa9e373791cf4bd9576c78a9c53009a9aadf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8707
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
o_1eu83pcof1g21aqe4nv1n1g3gib.png
img-as.fsanook.com/files/uploads/ads/dfp/20210211/
32 KB
32 KB
Image
General
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20210211/o_1eu83pcof1g21aqe4nv1n1g3gib.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
last-modified
Thu, 11 Feb 2021 08:37:07 GMT
server
NWS_Oversea_AP
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
844a7cc2-fd43-4cd3-90de-7c3479d5af8f
accept-ranges
bytes
content-length
32418
expires
Sat, 17 Jul 2021 15:22:39 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=781487305346815&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Crecb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360085&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=1863&adks=3963815495&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
896cf85f87c399105e58561f2c31b353ef3fc91b6180d5cb92ffa376a723b371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12960
x-xss-protection
0
google-lineitem-id
5609315470
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339156757
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6489
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1807299555491511333; icu=ChgIvrdKEAoYASABKAEwv9GthgY4AUABSAEQv9GthgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Jun 2021 04:37:16 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 17 Jun 2021 15:22:40 GMT
Age
38724
X-Served-By
cache-lga21925-LGA, cache-hhn4046-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 775649
X-Timer
S1623943360.171775,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9862
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1807299555491511333; icu=ChgIvrdKEAoYASABKAEwv9GthgY4AUABSAEQv9GthgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Jun 2021 04:37:16 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 17 Jun 2021 15:22:40 GMT
Age
38724
X-Served-By
cache-lga21925-LGA, cache-hhn4066-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 773253
X-Timer
S1623943360.166820,VS0,VE0
Vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
14 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2247514414496879&correlator=3601496744186260&output=ldjh&impl=fif&eid=31060033%2C31060783%2C31061161%2C31061279%2C31061290%2C31061441%2C31061453%2C31061459%2C31061476%2C31061200&vrg=2021061502&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&prev_scp=category%3Dall&eri=1&cookie=ID%3D4f93ea7983d9efb8-2208c15064c80076%3AT%3D1623943359%3AS%3DALNI_MZNpq8ioW2f6MiKvIBuet1g_WbT5g&bc=31&abxe=1&lmt=1623943360&dt=1623943360122&dlt=1623943356016&idt=1722&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=924&adks=3191418387&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_aeP1RfZSQLxicH5xZLD04iR8hkuUffOCMRyGTtmbBQnQ9WIAlAah9ftQD6nrWnSw4N7vKGPfqkBxGBk5jai1Ie8jH81Biz6Od1V14T2u_7cqwiAMiZjw%2CAGkb-H_BfKZg80vN1fpF3SfaYMAmjXbihDZ7-y_gz89pnZYJvz17IyXUC34ee68Lsfel-eHp32WRJjPEVFKT_F_HSDBn_at9Fz0DGl3ZoEBHFcY%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=343587080.1623943357&ga_sid=1623943360&ga_hid=1469068318&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ce0a25dc618c0bfbc4bd472a7ffad89c9c2f386b3f0d9e396b0a70bced07ed26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8537
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9E81
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c28c0bea0fa5730a0a1c07a00d822c5cfcbba07c9619f92595f733f4732a761

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9E81
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurHgLWAWZzqsm43rCv32XzH-tnqpcdBDju0n3G3LQq0SMu7qHo4ci5awRug6iHvKpv8lN8aFXZEGQTA7SIXscSjzvu1-wWzy0mBIUawwz9noXxbx3urVL5UrrnNWxPe1UZSACoa0icvMN51hI_SXQd1pgWFfi3e-Nm6xJnVdBPXl5dTtIgON51cNJaaZ0HPcrkKpoO-rmAnLuALMW4hrQ3cWsTKg5atYOv5r-tkgXmuoWJGhqCFbxTwwoUzKsGxX0oWuF_FGCSS2TRyvy2YHEddKCYhyIrkjxY-R2uD_3mzb7opmiRfPxg_d14780o3Ov88MPCypuaaksMQjR7TQ&sai=AMfl-YRkzoQKA32F4hKW-rIl5_mSBN9gOnq6NgNn3BO9ZqboKaER8tkgzfgZw5eag9a6_pNTkHY-bEllvNc4frWOX3itSYMcEJgIeu7D5feYQarcNXf_CbTq6EFtPV_Wwks&sig=Cg0ArKJSzCgZFaVmEM8zEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sanook.com&host=www.sanook.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105281634000/ Frame 9552
191 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55221
x-xss-protection
0
server
sffe
date
Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8af8bfef65693cad"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 05:09:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 05:09:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 05:09:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 05:09:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 9552
41 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jun 2022 05:09:18 GMT
truncated
/ Frame 9552
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15980f681ddb5e251b4e0ad65b79173af6f042e2d33edb41d496c3c276eb6a6e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
14006368914855997490
tpc.googlesyndication.com/daca_images/simgad/ Frame 9552
41 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14006368914855997490
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:39:30 GMT
x-content-type-options
nosniff
age
463390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41929
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 05:36:52 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:39:30 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 05:30:24 GMT
x-content-type-options
nosniff
server
cafe
age
35536
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Fri, 18 Jun 2021 05:30:24 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552
344 B
828 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 06:17:51 GMT
x-content-type-options
nosniff
server
cafe
age
32689
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 18 Jun 2021 06:17:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9552
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj4x3v2jLYPOENN2KjuwP5bO7QO7Gm_lg_tLes5QK0fHzi-MXEAEgr9HbH2D1lc6B4ASgAdTsxskDyAECqQIcgMH2YQu0PuACAKgDAcgDCKoEwgFP0GRacCXdVzO18EsyXJZdPOFmZm4zL3q6DMbkmyR58BF_-qJiU2r8jKYqgVeMMZZjRBbDwd3AdLiME2WoHc8vfJDXnBRM4POMVzerSkbc8msc_QqH8q9ePfAqzEG1CHIOm0yxIU7GAYLp97Uf1kePmupnSmulPb3myGuudIpTwrElnklmiOk_Bwbb04H9-Hs51S-4ADv4Vw5RLJf7cI-bipA4jclGAdOpqTRgXq4BvE4_8FbzI3XclfBgWQWshfhPjcAEv4zKgZ4C4AQBkgUECAQYAZIFBAgFGASgBgKAB5STuTaoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQjOsH0ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02MTY3MjM4NzEyNzI5MDMy&sigh=1e0vQ2NFKzo
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 1153
8 KB
3 KB
Script
General
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17180741765063747599
accept-ranges
bytes
content-length
2483
pubads_impl_2021061505.js
securepubads.g.doubleclick.net/gpt/ Frame 527E
326 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
097fd71be450d266fde4a961b060bbe7e758e051c2a06c7888e444b96ea67d63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Jun 2021 21:12:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116947
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:40 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CE5B
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17440466&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
678bca8a699320e0bd46136b88ee78c9e5525d9f81a809383e8b6a909fcede5b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame 5968
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 17 Jun 2021 15:25:02 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6b2260cb-68c0-4d00-aa4f-2877330b7187
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:01 GMT
sd
us-u.openx.net/w/1.0/ Frame 5968
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=yopam8qCWsnRgl-fz9wUyc6KAJvRjwzBz4jJMZ9Z
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 5968
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
35 B
376 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=22
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
nginx
location
https://c1.adform.net/serving/cookie/match?CC=1&party=22
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5968
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=9ad39758-722d-327a-6e72-e1e725175ce5&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN (),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5968
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjZiYzQ0OTItYmI1YS02Y2RlLTdiOTItYmI1ZWVmZjU5Mjg1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5968
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEFedekC2nKNQxgvrLvPyvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B1B8
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
391b9bd107cd37096dc2ed770bb52e4f34d577f54dee4319f563ea482ce6f8b6

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMtov9QCPYvO9ae5qL0nGgAA; CMDD=AAjC5AE*; CMST=YMtov2DLaL8B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|221|176|196|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1751
Expires
Thu, 17 Jun 2021 15:22:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
Connection
keep-alive
Set-Cookie
CMID=YMtov9QCPYvO9ae5qL0nGgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 17 Jun 2022 15:22:40 GMT CMPS=3269;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 15 Sep 2021 15:22:40 GMT CMPRO=1203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 15 Sep 2021 15:22:40 GMT CMRUM3=e660cb68c02760&dd60cb68c02760&2760cb68c00b40&2d60cb68c005a0&b060cb68c005a00&c460cb68c005a0&f160cb68c005a0&0360cb68c005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 17 Jun 2022 15:22:40 GMT CMST=YMtov2DLaMAB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:22:40 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 18 Jun 2021 15:22:40 GMT
container.html
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E66
6 KB
3 KB
Document
General
Full URL
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 17 Jun 2021 15:22:39 GMT
expires
Fri, 17 Jun 2022 15:22:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 33C0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNgoQjK7e7oJ0ps1uhJciZlbX7EzVaa7-ZQdobtBCw3GtZgiBmM8R3MMO76JLPgfe16vabzm8DivCNd_c_v8_0hSiQyBK3JNiyM6Bd2nJJF2kZScuCa2EOZvcxBwzLdRJQ8TwVPrcmcoKPR-qukeKjZMLypnNUnstbof3ZM_o5wMd4dVyW2WTmAm8s9OUfHe2KP4EsEYZaOWi-xe1JHBhS_UCjgxVgLFM8zf9cscx_I_1oGLJb5nmmJVLo1OX-zYShwvvAP0iY4seTucRd5JW7mf1XPKqR4Qy1SmRvccK6kXviEKluUBOjppmtVU8IxLD7C6A&sig=Cg0ArKJSzJ222hVtfXFOEAE&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame 33C0
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
13534463047637254567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 33C0
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33C0
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:40 GMT
l
www.google.com/ads/measurement/ Frame 33C0
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFFepzTJlylJraSDNXdlkF-N5nD7DCdjyOPjhUVR14_vssyOCZ2v4zoAf5OQcb4HVbh7Nkn80Hap_0UZhmF5t8aNmXkA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

o_1etk363k81t221erpke817mdpb.jpg
img-as.fsanook.com/files/uploads/ads/dfp/20210203/ Frame 33C0
79 KB
80 KB
Image
General
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20210203/o_1etk363k81t221erpke817mdpb.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
5d23cbd2a9a33bd91cc49c18cec7e2ea6c1b0650c19c418d533c0c9083cad8e5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Wed, 03 Feb 2021 14:01:37 GMT
server
NWS_Oversea_AP
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
c54dbe8e-bd7b-4113-89f4-e02776060698
accept-ranges
bytes
content-length
81060
expires
Sat, 17 Jul 2021 15:22:40 GMT
async_usersync
ib.adnxs.com/ Frame 9862
0
752 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.146:80
AN-X-Request-Uuid
58f09654-7545-4fde-9db2-6bf197fe6a91
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame B9C6
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=AE364A24-AEF4-4146-A1D8-E917BB7839CF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:40 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4481914123120438595; expires=Mon, 16 Aug 2021 15:22:40 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2329
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
42 B
518 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1101=23040-6974783621786957973; PugT=1623943360; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-4690034062060225801; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PugT=1623943361; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat
lhrpug011:0:309
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4690034062060225801
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 28D9
43 B
347 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 17 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1196
date
Thu, 17 Jun 2021 15:22:40 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame B171
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
42 B
520 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=AE364A24-AEF4-4146-A1D8-E917BB7839CF; chkChromeAb67Sec=1; DPSync3=1625097600%3A201_197_219%7C1623974400%3A174; SyncRTB3=1625097600%3A56_54_8_22_220_13_161_81_55_3_166_21_7_71%7C1624492800%3A223_15_2%7C1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6974783621786957973; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:40 GMT; path=/ PugT=1623943360; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:40 GMT; path=/
x-lat
amspug002:0:367
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6974783621786957973; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783621786957973
adx
match.prod.bidr.io/cookie-sync/ Frame 2CAD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZGwwN0JsdElBQURIaUZySjhkUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN (),
Reverse DNS
ec2-52-209-246-140.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AACdl07BltIAADHiFrJ8dQ; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Thu, 17 Jun 2021 15:22:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Thu, 17 Jun 2021 15:22:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
set-cookie
IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s; expires=Sat, 17-Jun-2023 15:22:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rjZKJK70QUah2OkXu3g5zw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122489
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 19 Jun 2021 01:24:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
0
369 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Jun 2021 15:25:02 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6b2260cb-68c0-4d00-aa4f-2877330b7187
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:01 GMT
mw
mwzeom.zeotap.com/ Frame CE5B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=AE364A24-AEF4-4146-A1D8-E917BB7839CF
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=31c436ec425565a261519396812994a7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=3c59c16a-1a06-4cb4-be13-f1834f838c79&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=3fff020ad3aeb4a2
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0...
95 B
188 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
660d46624a9116e6-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0abc2a516a000016e6b50cb000000001

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHUtp-hsbQ-80Rlv6vsxnhE&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0ed88795-a23c-42fb-611c-cfdf9b2fce77&reqId=95784457-0bc5-4c16-6189-ef0f387cad18&zcluid=3fff020ad3aeb4a2&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUUzNjRBMjQtQUVGNC00MTQ2LUExRDgtRTkxN0JCNzgzOUNG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:594
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
42 B
280 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:456
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG2Ng1EThtomNH5wavw6Ko4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CE5B
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN (),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 16 Jun 2021 15:22:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
42 B
233 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:477
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7444902178821496912
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:422
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Jun 2021 15:25:02 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
42 B
292 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0432562f-926e-4677-88ae-c9807d3e9cec
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
42 B
209 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:417
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid
1198be37-0fb0-46a2-b7b3-20b8251cd984
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1807299555491511333&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AE364A24-AEF4-4146-A1D8-E917BB7839CF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CE5B
43 B
837 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AE364A24-AEF4-4146-A1D8-E917BB7839CF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58292/ Frame CE5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true
0
584 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN (),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Thu, 17 Jun 2021 15:22:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&redir=true&gdpr=0&gdpr_consent=&verify=true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
42 B
270 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:422
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
1 B
390 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:452
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623943361.119308,VS0,VE0
x-served-by
cache-hhn4059-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=&_test=YMtowAAB4BFG9AA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
x.bidswitch.net/ul_cb/ Frame CE5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.158.150 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:411
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2845108476452106797&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame CE5B
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AE364A24-AEF4-4146-A1D8-E917BB7839CF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:341
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame CE5B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
42 B
231 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
async_usersync
ib.adnxs.com/ Frame 6489
0
752 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:40 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid
e4152977-f16b-428d-a9c3-874561c4c3bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9552
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 17 Jun 2021 15:22:40 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 527E
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 527E
418 KB
22 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=505708472549781&correlator=2895267664139148&output=ldjh&impl=fif&eid=31060439%2C31060783%2C31061040%2C31061279%2C31061422%2C31061481%2C21068110%2C31061004&vrg=2021061505&ptt=17&sc=1&sfv=1-0-38&ecs=20210617&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D4f93ea7983d9efb8%3AT%3D1623943359%3AS%3DALNI_MZUzxxtEaWwd6tOXOlp3IrMUC19vA&cdm=www.sanook.com&bc=31&abxe=1&lmt=1623943360&dt=1623943360953&dlt=1623943359905&idt=971&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=vymszu8jnf6p&ifi=1&ifk=2895095238&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1723804817.1623943361&ga_sid=1623943361&ga_hid=241796544&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
62689a2ba5327bbf1d225f66c3de6506816831bbdb326864992abaab063e2a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22581
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 527E
0
0
Other
General
Full URL
https://a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

14006368914855997490
tpc.googlesyndication.com/daca_images/simgad/ Frame 9552
41 KB
41 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14006368914855997490
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 06:39:30 GMT
x-content-type-options
nosniff
age
463390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41929
x-xss-protection
0
last-modified
Sat, 13 Feb 2021 05:36:52 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:39:30 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 05:30:24 GMT
x-content-type-options
nosniff
server
cafe
age
35536
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Fri, 18 Jun 2021 05:30:24 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9552
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 06:17:51 GMT
x-content-type-options
nosniff
server
cafe
age
32689
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 18 Jun 2021 06:17:51 GMT
container.html
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C20A
6 KB
3 KB
Document
General
Full URL
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 17 Jun 2021 15:22:39 GMT
expires
Fri, 17 Jun 2022 15:22:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 33C0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6vNCYctGulQPUmkgBDGNje19E5CCpsOf_MwpFp047QK--T6MqeiC-_PLxrxGU5E8OXuAufNs5BNnEfvApvqilUKaPfQf3Geb12ykPUXD-CzT55_jtLlx1wlf60csruhUTB8nsjipkGYc7uQcOO3MCnq-PSopKOMU2ZbLviy9fBkqMvRucrDFNvHJJS4EskvY6ZTn57wohMho_ZRVOvvH5ON0r6SDiL8Dw9N1rf2WSmg5cnPn01qKK5XbPtcHGTCQJoOviHmDgz4N3gA4NsKlRB5DOu57y1rZNUbvOyfmnXhAORHL0GwcP3gT6LQfcBEMNCnXTAw&sig=Cg0ArKJSzBi5ediAFW4uEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:41 GMT
truncated
/ Frame 33C0
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51748a5942d66b489df0745ec6fb22fd8930d2b62fc06c448a1bd3168b5d99c3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame C6C5
478 B
251 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 17 Jun 2021 15:22:41 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3E66
66 KB
25 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtl2X51e3HAK0NRHQ94m0GVYUXleu8-ktpZ72IJ8u1qTC9EnaxE00SarFszrDwCidHaqlYE4yJ48GOjLPu6w1SWaYpWM-Zf5nrJMdmBdtyvpZeFUiyPd81uOS5OM839TL3sKckXdZ-ydXW6JV4AGGMyPwFbw&dbm_d=AKAmf-Cg4o1eBLHPF-MbsYWdgM0cCXOnrcZFZes0-e0vzbXkXc9mg9MjAhsZpMs6jdarOxO-_1gKCcX_jyI3PGYyGNMexbUDd_swBHEPdgeroSepqCVw6x9XRl3nJ4u5fQWmx_5iMMvjRVdqBnJlaCKEzgX_cfR4ncvPBPFWWchBHZQJ-dP-RhKcG1xwiIUn_2yoQLHxztMLQK5pw181XuJoSdycUCm9VcUYfszoSK45C2pKhm4e68SFKN8Tj3IBIZji0GpdPK1WKONLeFohbknOjH1567RQmyuZYbh7KsfpH4GcYSrdoU1O0jf4eCzLNhIkQ6JlXo7tZ9ZRs_sSUmik9sOm1IOWbNYGz4-sI0msEAvBNcjNLnX1tIigbrYnfl2gJVHK2_Bdf_8jf0tY_yqomu7H3zC2OfTGzCCYVQ7bnkgTc9EJzC4zuUyuIBOjomiW9QjUq1mpYjDaB9F0BhrzSVfS45qEOjvTmiybQlFNZb8hkrf1isNOiu_TZL90blp9fj6Q95YoQtUkhdtE4u5WJwIqBJ1xPVBqbwkMdPkMJWuwFnU508IrpTmjZ773qKOLw7C76d0gaVEDHzO_7eLozDzE7psAP1IlZvfohuCQFHuqYjUsPjbbQiKGpqICAGWGmcea9P7Sbqhi71kTyDmnnAozsW3ltOnPaaGEfjC3sDIv0XITLddfJY5y7bkKoT3KhsEmcN7pWBzJYEWtESvksWJqkj07K9hN1kp01lUaeNq10ugL3Pkbp40tuEaLSYXy2TLYJkey6YVvsPIVc6IMOvM0KjONNqMgwgmQ5DB4YiF65GCjgTsz30S_LIB1t7XvuV6enJB_OT0udVzdq1e445BTs5UVUFxuNQEL_UvuEx2wnfoGvQ96UocatrFtNUchozR3eEL20qPpQ_hRDb3nLVe16n1ko3kxKeaOeOrbtDFQtbR26vSXKVD_i2ElmUOodyxto_Rhz94oQ6UzHM6CMuMy6ExpJ3nBnQXTSjDYGlhqcdghMwndOCgLIeQJKNb3Fiys9qkHApavGe6pVu2_olmiVTDZMw9sJT3OZuJSY_7DnKvmKrb6OUYD688Ylg6-bPqmsOcp5wzKBkEXBPEw-gcE4mcN3HQh2qIUfGl19idChLOsSLZ33jdpU7uHmwXan7JQJ3lamHK7-t0uOkGJoG13mASqGbUzd5lk9yf1l6-IplX4FiHZSrS6COnWWGVpS0vTpmXOF-7zU8jDTHXoNK7NOJKgSFhzt-RrvwQBJ4hkvzxt-xcgTlZp8NJK_GWNSlsimoPJhmrqzRCvusxVahCb1ysfH3IjTjp6kBTmSznMattPNdz7kWL5zSjRxc5UXnpPg-8fX593Gims6EiTuoYxp6gHRy3ct_wPuaq34LT24_iumkkwu2ViCmSAcVjanj8WfS6sfM4AhvHUD89dbB-FSFaI25UF7ciaNe-ndzcx3Y94X0RvAYWtwOpfd4Whke0D_3StVRtJaG2FQQYqHK_cnfUPEQIkIwpImJFgfrHatPP1Lbb4zp3kM0Rsc4IgEbQZSkg_R6DLMffZVntQ2lzV53Z9HPy3jMNzr1BlnTY6TAYblyWLUfSdFUSR0w3XjVmrqqNyQ0PRhFpI2YQ_4Y_aXGrh2om45hXE4Ih_Xwq6CyrP8vOzB23xveF8zCBiXBoG7Hx-I5sD54bRFp_FQdEoNc964r3wLRhLS3BAA3sZ5BhV6a_qJ1-54xLdYquazvIrX5LmR7Q2xKJfTra42tRrHCUNEYzXksMl8wqJTTrt0pCp5Q2fuyxXwZ5OZOKJprdmJSagls3u6FNhbT9zlfTTEOhecrST4V0DHgo9GklTKd3THCtK2nBYtCbRzyERelHVTjjROjCSpPYx9KWI3dW8PeUL0biq_SHpjXL-YTfsycpa77m9uEfxXm-j_JzA6bQpWMrYxLfZ-bHbWcZj1Fpwp_FBCZ3RXirGDhW6wuXcxbaZkEeLt14eXpOJEh3tXI6o61sKId8iMlLSkIv_tCmccnw2RooG-CjMZa_JV8zvtkcCh3M-fs_HOLNxlm3iNcUK-DpK-fTABZEAhsG5lWzkZgRrwhsk_tsiPLSbRgO9B9sJ3l0WKCqOsKnQ99mUcQrjN8lzRUtpQRunJrMYki9mF-sgJ7ewfktXaEa-ehWN5L4QS-pPXlgC_7F5ZaUJzviOap0ltYsizYB-tsGgv-Xx9hAxVvlhfBZ0xckIT11HPXU87pwfOJD1RaRy0zfDiOnSn5C2Eh8SNRdDTELd_wcJyqdyKgArEaXUyqg0XzsyfdkBv8y5D52XYOu3roVbC-sSmHJgjEWI7OkuNWcQzjeAeK2uVBt6wpJAAXwbEwI9f8wmKVo02rIgz_o45iF7r1aEy-DETwDUmLF9zPsKhQ_2CkgGwaGqU7dyawoE8vHFyYH1CY7Y4Zw77AaWwI-FDVxk3mXlQC4G_zywOSaCK-ibRfGBZOBBEP-cr7A0qc0j_Qn4OB3w0bUSjULW8536UrrYSu4f2cehyUKuKbZmHxnnizJ1MZYuLEz6qN_XcsL94gE-Vpvj2bEO8Y-db4Yj1DqNVzTE6Wv6HYye14LOoU-c59cDSDyZvp_tIYZeU5Z5J8SKJdg5CknvDDX4b-pbXZNW4quVBrivy3rQB8Lqw7DiPky97QbNUXp3jpn1jhXIOJVIM8Wfr9hRKVdqD7dob6B5v8aKEX62RnTLQ8mAXF27KELCXlTr-mu7yl0vwGKcORgVgra_XUDDxPhgYyfiuBbeEvQGvdWmWwxQi_qlyKCei2Em6meGUcw1sI2ZNOP9Ic2BY1aieduoAgkCB6HWcatNmfbHE-gGHkOhpy5QzBFNx1y0MvKsnjXohNkDchum9qm4Mx0qpx6bW5B9NLziDVDZIsjIYJPBt6EF8ccknm4SaqlKrnrLOHobicMzGTHqPjqEiII50Dtt7DKy4td7QL2MNub99cS-i1ckbraSPpWs51zmkw&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f4531c23652f58a8c6e1bf3b03517515df38ebdd06ac48f69432ac02bca3b5b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26005
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E66
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DiirzhfbjnH9sAJZp1cbYg2591qJLWtrOEct6OjYpbYgYpYPfxbd636dI47YlWy-oesGkHVmFbvPy9L4XByprPVh89EnGyJEnUqWtkguyhjTijoYM
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 3E66
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E66
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 3E66
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
10674426802404029766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:07 GMT
casale
match.adsrvr.org/track/cmf/ Frame B1B8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMtov9QCPYvO9ae5qL0nGgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN (),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&cm_dsp_id=85&ixi=1&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMtowX6-fDkfLuTo.m8DqwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
43 B
931 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B1B8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN (),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B1B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMtov9QCPYvO9ae5qL0nGgAABLMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECuujU694ixr7sc2AdBLyQQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YMtov9QCPYvO9ae5qL0nGgAA%261203
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame B1B8
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YMtov9QCPYvO9ae5qL0nGgAA%261203?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.196
content-type
image/gif
content-length
49
expires
0
113
match.deepintent.com/usersync/ Frame B1B8
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:40 GMT
content-length
0
server
b
crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60cb68c155db9&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
43 B
904 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

date
Thu, 17 Jun 2021 15:22:41 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60cb68c155db9
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame B1B8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
43 B
1023 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

Date
Thu, 17 Jun 2021 15:25:02 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:01 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B1B8
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMtov9QCPYvO9ae5qL0nGgAA%261203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:41 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2761
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 16:08:42 GMT
disc.png
s.isanook.com/sr/0/images/joox-home/
11 KB
11 KB
Image
General
Full URL
https://s.isanook.com/sr/0/images/joox-home/disc.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 21:32:19 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:12 GMT
server
Lego Server
age
0
etag
"60c9855c-2d12"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13608978084457184339
accept-ranges
bytes
content-length
11538
expires
Fri, 16 Jul 2021 21:32:19 GMT
logo02.png
s.isanook.com/sr/0/images/joox-home/
592 B
789 B
Image
General
Full URL
https://s.isanook.com/sr/0/images/joox-home/logo02.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4510c424b1e231feccf2d713061ef7b73829f075a9f91a75e49dd3556051d5a3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 07:13:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
1821
server
Lego Server
age
0
etag
W/"PSA-aj-glsbuxvdic"
vary
User-Agent
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
9952048680356691071
accept-ranges
bytes
content-length
592
expires
Sat, 17 Jul 2021 02:00:38 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi8zLzYvNjQ5YTFlYTdiODlkM2M2OTJhMGQwYWMwNjVjZGI4MzYuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/
54 KB
55 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi8zLzYvNjQ5YTFlYTdiODlkM2M2OTJhMGQwYWMwNjVjZGI4MzYuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e1eea1640a99dad163f68e61551270bfe0548820de1463cf1acb8fe4e7c53c00

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 18:17:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13161503496322788146
accept-ranges
bytes
content-length
55678
expires
Fri, 16 Jul 2021 18:17:39 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi81LzcvYzRiNGQ0YTg5M2Y5N2MyOTY2MTA1NmQzMmFlMjlmNTcuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/
37 KB
38 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi81LzcvYzRiNGQ0YTg5M2Y5N2MyOTY2MTA1NmQzMmFlMjlmNTcuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1955fdb95aa4534a05fee4a3084e36f30857e4f39d2ff5aca46f632928365d00

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 10:28:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15396664129105005829
accept-ranges
bytes
content-length
38298
expires
Thu, 15 Jul 2021 10:28:53 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9mLzUvNGIxZmZiZTQxYTQyMzQ0NTU2MjI3YWE4MDZhM2NiZjUuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/
42 KB
42 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9mLzUvNGIxZmZiZTQxYTQyMzQ0NTU2MjI3YWE4MDZhM2NiZjUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
874abc6a94982dcf142e6b53fc1589ff578b760966a738766d5f0066c6741dbd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 07:26:13 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
8413370367661260803
accept-ranges
bytes
content-length
43273
expires
Fri, 16 Jul 2021 07:26:13 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOS8yLzhlYWVkYTY1NDUwZmM5NjQ1ZDViNjM4OGUyYzQ0YTkyLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/
9 KB
9 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOS8yLzhlYWVkYTY1NDUwZmM5NjQ1ZDViNjM4OGUyYzQ0YTkyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
3d44c7e3f4a2a94bad0da6eb43938696afbc8f2a58cb8a74c71200875a0f8bad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 07:13:12 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
4997451025182869590
accept-ranges
bytes
content-length
9203
expires
Sat, 17 Jul 2021 07:13:12 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYi8zL2NlYTYyMTk4OGJkYjlkZDI2ZTNlOWEyYTgwMjhlYmIzLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/
5 KB
6 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYi8zL2NlYTYyMTk4OGJkYjlkZDI2ZTNlOWEyYTgwMjhlYmIzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
756a4617cc8422cc1474c9e67bcf9eec18604e0e4e4d4217a1384de409636b3b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 07:13:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15523486822218307410
accept-ranges
bytes
content-length
5513
expires
Sat, 17 Jul 2021 07:13:17 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYS83LzY3OTIzNWY4OGMxYWVhNDJjM2U2MmQyNjRjZTc1NmE3LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/
6 KB
6 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvYS83LzY3OTIzNWY4OGMxYWVhNDJjM2U2MmQyNjRjZTc1NmE3LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4de2d3b0129049642fc1f0f54a49aa96e79de7c2e3ccf077c5da5ed21437eb79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 10:58:57 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14687582097806041818
accept-ranges
bytes
content-length
5950
expires
Thu, 15 Jul 2021 10:58:57 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/
9 KB
9 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:05:49 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14432394755782312648
accept-ranges
bytes
content-length
9021
expires
Tue, 13 Jul 2021 13:05:49 GMT
/
graph.sanook.com/
2 KB
1 KB
Fetch
General
Full URL
https://graph.sanook.com/?operationName=getJooxSidebarEntries&variables=%7B%22channel%22%3A%22music%22%2C%22categoryIds%22%3A%5B929%5D%2C%22limit%22%3A4%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a93e9d353550365d8fc4242253f46aef6a8c21a8%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/nLPfs16Fld9xHhN6ErD5j/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
e23a9250c7455b9e53738ce705913e613af48255184dba0b4847f7561d1a6c37
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 17 Jun 2021 15:22:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame
0
0
Preflight
General
Full URL
https://graph.sanook.com/?operationName=getJooxSidebarEntries&variables=%7B%22channel%22%3A%22music%22%2C%22categoryIds%22%3A%5B929%5D%2C%22limit%22%3A4%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a93e9d353550365d8fc4242253f46aef6a8c21a8%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:41 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
activeview
pagead2.googlesyndication.com/pcs/ Frame 9E81
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfIi18B-FjuQ8eO90DhfJqnp964YtLCpAPZ_GtT6c7C16nUbrtW4KQ-q8MvFqJEpQodJP5sco-EHneMoXmMX6BN2b45XNt6xMuZaot2HQ&sig=Cg0ArKJSzG4NVlCKnmFIEAE&id=lidar2&mcvt=1184&p=344,108,789,238&mtos=1184,1184,1184,1184,1184&tos=1184,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2209700283&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943359955&dlt=0&rpt=414&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 527E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrt_ZfCeXLZldgw83_IClsa3SScOTRVozL59dKAYSN1RBfq9QHXG5vLMb17vcTcY1GlGIbBELuludwvljRGHJMn53HsgSfLcY1DaRr6HHArQaSzQmUyoqt2OoQAlU1AZ0T_Oa_2vvHu4EXTyTrgB55k5GaPfiP5lJHFeMB8KLzHKx9ok9e2f1Y9SxzSMDJxQx3-YGRwlj9c-Sc1tPB9vNpHoMvvy9JFQGz0G7pSlw_OhUgRME0poNtG1w-xWM2uwK_2WqPelj-xYS0HZwhSWDaZsuI8cBtgYFiJCLwguNgtvPfqQ5bim1UPl0my6CGJkbleqC2ccE0GmDbIQ&sai=AMfl-YRPOWTZvbNmbsQZsjgJpt6Obc-KIW3KKl2hjSTJZ0DqKXXT7pKafeJCauO9-tu9lowIrJY1zA7jsPt_zTXy74U8nSs9WzY469jLlRYb1E1PEqmgjxUKFW-h823eI9I0&sig=Cg0ArKJSzAzTAXr86VEoEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92F1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBjkrqPfRg33zXFMnH6vumDaoxtHrawU3EJtwvXkGdC3fOR0rphxGaIvzLOrS7xay655ufqosrGUjfN_Pq4JUexcGlqbVLIXNz5-x19QwdZsrP-RHEMriAkgoS3omjVXec0foHrxbkBpZJKoVlyO-POBEebSpEe0_DonmWrfWT6az8CvZwpTMoUw2w_JEFkNS2dsWkSbM_Ns8bCmvmIQa4gvzEddUXH4uHSnm4SjPjuvORdm4Nf4nhBcnTOTAQJ1dwRVEAF-h0F0JW-lDCqrcseR5V_Eg6gls3DxTlz2bHmnnHbig&sig=Cg0ArKJSzMeTS2BERxSxEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 92F1
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jun 2022 12:48:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92F1
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:41 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 527E
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842926269324"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 527E
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061505&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f7b5d1e9db0177888752dd0c53ca76d1f2e94b4831052b5a3c465fefac7bf2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7970
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/722837/54927600/ Frame 3E66
48 KB
14 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/722837/54927600/skeleton.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.202.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f0871f0a815917ca984a52c4bdb7834994310b382aca767fffc2ae96bf9cdfb0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
x-server-name
app05.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 3E66
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jun 2021 14:41:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/ Frame 3E66
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtl2X51e3HAK0NRHQ94m0GVYUXleu8-ktpZ72IJ8u1qTC9EnaxE00SarFszrDwCidHaqlYE4yJ48GOjLPu6w1SWaYpWM-Zf5nrJMdmBdtyvpZeFUiyPd81uOS5OM839TL3sKckXdZ-ydXW6JV4AGGMyPwFbw&dbm_d=AKAmf-Cg4o1eBLHPF-MbsYWdgM0cCXOnrcZFZes0-e0vzbXkXc9mg9MjAhsZpMs6jdarOxO-_1gKCcX_jyI3PGYyGNMexbUDd_swBHEPdgeroSepqCVw6x9XRl3nJ4u5fQWmx_5iMMvjRVdqBnJlaCKEzgX_cfR4ncvPBPFWWchBHZQJ-dP-RhKcG1xwiIUn_2yoQLHxztMLQK5pw181XuJoSdycUCm9VcUYfszoSK45C2pKhm4e68SFKN8Tj3IBIZji0GpdPK1WKONLeFohbknOjH1567RQmyuZYbh7KsfpH4GcYSrdoU1O0jf4eCzLNhIkQ6JlXo7tZ9ZRs_sSUmik9sOm1IOWbNYGz4-sI0msEAvBNcjNLnX1tIigbrYnfl2gJVHK2_Bdf_8jf0tY_yqomu7H3zC2OfTGzCCYVQ7bnkgTc9EJzC4zuUyuIBOjomiW9QjUq1mpYjDaB9F0BhrzSVfS45qEOjvTmiybQlFNZb8hkrf1isNOiu_TZL90blp9fj6Q95YoQtUkhdtE4u5WJwIqBJ1xPVBqbwkMdPkMJWuwFnU508IrpTmjZ773qKOLw7C76d0gaVEDHzO_7eLozDzE7psAP1IlZvfohuCQFHuqYjUsPjbbQiKGpqICAGWGmcea9P7Sbqhi71kTyDmnnAozsW3ltOnPaaGEfjC3sDIv0XITLddfJY5y7bkKoT3KhsEmcN7pWBzJYEWtESvksWJqkj07K9hN1kp01lUaeNq10ugL3Pkbp40tuEaLSYXy2TLYJkey6YVvsPIVc6IMOvM0KjONNqMgwgmQ5DB4YiF65GCjgTsz30S_LIB1t7XvuV6enJB_OT0udVzdq1e445BTs5UVUFxuNQEL_UvuEx2wnfoGvQ96UocatrFtNUchozR3eEL20qPpQ_hRDb3nLVe16n1ko3kxKeaOeOrbtDFQtbR26vSXKVD_i2ElmUOodyxto_Rhz94oQ6UzHM6CMuMy6ExpJ3nBnQXTSjDYGlhqcdghMwndOCgLIeQJKNb3Fiys9qkHApavGe6pVu2_olmiVTDZMw9sJT3OZuJSY_7DnKvmKrb6OUYD688Ylg6-bPqmsOcp5wzKBkEXBPEw-gcE4mcN3HQh2qIUfGl19idChLOsSLZ33jdpU7uHmwXan7JQJ3lamHK7-t0uOkGJoG13mASqGbUzd5lk9yf1l6-IplX4FiHZSrS6COnWWGVpS0vTpmXOF-7zU8jDTHXoNK7NOJKgSFhzt-RrvwQBJ4hkvzxt-xcgTlZp8NJK_GWNSlsimoPJhmrqzRCvusxVahCb1ysfH3IjTjp6kBTmSznMattPNdz7kWL5zSjRxc5UXnpPg-8fX593Gims6EiTuoYxp6gHRy3ct_wPuaq34LT24_iumkkwu2ViCmSAcVjanj8WfS6sfM4AhvHUD89dbB-FSFaI25UF7ciaNe-ndzcx3Y94X0RvAYWtwOpfd4Whke0D_3StVRtJaG2FQQYqHK_cnfUPEQIkIwpImJFgfrHatPP1Lbb4zp3kM0Rsc4IgEbQZSkg_R6DLMffZVntQ2lzV53Z9HPy3jMNzr1BlnTY6TAYblyWLUfSdFUSR0w3XjVmrqqNyQ0PRhFpI2YQ_4Y_aXGrh2om45hXE4Ih_Xwq6CyrP8vOzB23xveF8zCBiXBoG7Hx-I5sD54bRFp_FQdEoNc964r3wLRhLS3BAA3sZ5BhV6a_qJ1-54xLdYquazvIrX5LmR7Q2xKJfTra42tRrHCUNEYzXksMl8wqJTTrt0pCp5Q2fuyxXwZ5OZOKJprdmJSagls3u6FNhbT9zlfTTEOhecrST4V0DHgo9GklTKd3THCtK2nBYtCbRzyERelHVTjjROjCSpPYx9KWI3dW8PeUL0biq_SHpjXL-YTfsycpa77m9uEfxXm-j_JzA6bQpWMrYxLfZ-bHbWcZj1Fpwp_FBCZ3RXirGDhW6wuXcxbaZkEeLt14eXpOJEh3tXI6o61sKId8iMlLSkIv_tCmccnw2RooG-CjMZa_JV8zvtkcCh3M-fs_HOLNxlm3iNcUK-DpK-fTABZEAhsG5lWzkZgRrwhsk_tsiPLSbRgO9B9sJ3l0WKCqOsKnQ99mUcQrjN8lzRUtpQRunJrMYki9mF-sgJ7ewfktXaEa-ehWN5L4QS-pPXlgC_7F5ZaUJzviOap0ltYsizYB-tsGgv-Xx9hAxVvlhfBZ0xckIT11HPXU87pwfOJD1RaRy0zfDiOnSn5C2Eh8SNRdDTELd_wcJyqdyKgArEaXUyqg0XzsyfdkBv8y5D52XYOu3roVbC-sSmHJgjEWI7OkuNWcQzjeAeK2uVBt6wpJAAXwbEwI9f8wmKVo02rIgz_o45iF7r1aEy-DETwDUmLF9zPsKhQ_2CkgGwaGqU7dyawoE8vHFyYH1CY7Y4Zw77AaWwI-FDVxk3mXlQC4G_zywOSaCK-ibRfGBZOBBEP-cr7A0qc0j_Qn4OB3w0bUSjULW8536UrrYSu4f2cehyUKuKbZmHxnnizJ1MZYuLEz6qN_XcsL94gE-Vpvj2bEO8Y-db4Yj1DqNVzTE6Wv6HYye14LOoU-c59cDSDyZvp_tIYZeU5Z5J8SKJdg5CknvDDX4b-pbXZNW4quVBrivy3rQB8Lqw7DiPky97QbNUXp3jpn1jhXIOJVIM8Wfr9hRKVdqD7dob6B5v8aKEX62RnTLQ8mAXF27KELCXlTr-mu7yl0vwGKcORgVgra_XUDDxPhgYyfiuBbeEvQGvdWmWwxQi_qlyKCei2Em6meGUcw1sI2ZNOP9Ic2BY1aieduoAgkCB6HWcatNmfbHE-gGHkOhpy5QzBFNx1y0MvKsnjXohNkDchum9qm4Mx0qpx6bW5B9NLziDVDZIsjIYJPBt6EF8ccknm4SaqlKrnrLOHobicMzGTHqPjqEiII50Dtt7DKy4td7QL2MNub99cS-i1ckbraSPpWs51zmkw&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:18:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame 3E66
22 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dtl2X51e3HAK0NRHQ94m0GVYUXleu8-ktpZ72IJ8u1qTC9EnaxE00SarFszrDwCidHaqlYE4yJ48GOjLPu6w1SWaYpWM-Zf5nrJMdmBdtyvpZeFUiyPd81uOS5OM839TL3sKckXdZ-ydXW6JV4AGGMyPwFbw&dbm_d=AKAmf-Cg4o1eBLHPF-MbsYWdgM0cCXOnrcZFZes0-e0vzbXkXc9mg9MjAhsZpMs6jdarOxO-_1gKCcX_jyI3PGYyGNMexbUDd_swBHEPdgeroSepqCVw6x9XRl3nJ4u5fQWmx_5iMMvjRVdqBnJlaCKEzgX_cfR4ncvPBPFWWchBHZQJ-dP-RhKcG1xwiIUn_2yoQLHxztMLQK5pw181XuJoSdycUCm9VcUYfszoSK45C2pKhm4e68SFKN8Tj3IBIZji0GpdPK1WKONLeFohbknOjH1567RQmyuZYbh7KsfpH4GcYSrdoU1O0jf4eCzLNhIkQ6JlXo7tZ9ZRs_sSUmik9sOm1IOWbNYGz4-sI0msEAvBNcjNLnX1tIigbrYnfl2gJVHK2_Bdf_8jf0tY_yqomu7H3zC2OfTGzCCYVQ7bnkgTc9EJzC4zuUyuIBOjomiW9QjUq1mpYjDaB9F0BhrzSVfS45qEOjvTmiybQlFNZb8hkrf1isNOiu_TZL90blp9fj6Q95YoQtUkhdtE4u5WJwIqBJ1xPVBqbwkMdPkMJWuwFnU508IrpTmjZ773qKOLw7C76d0gaVEDHzO_7eLozDzE7psAP1IlZvfohuCQFHuqYjUsPjbbQiKGpqICAGWGmcea9P7Sbqhi71kTyDmnnAozsW3ltOnPaaGEfjC3sDIv0XITLddfJY5y7bkKoT3KhsEmcN7pWBzJYEWtESvksWJqkj07K9hN1kp01lUaeNq10ugL3Pkbp40tuEaLSYXy2TLYJkey6YVvsPIVc6IMOvM0KjONNqMgwgmQ5DB4YiF65GCjgTsz30S_LIB1t7XvuV6enJB_OT0udVzdq1e445BTs5UVUFxuNQEL_UvuEx2wnfoGvQ96UocatrFtNUchozR3eEL20qPpQ_hRDb3nLVe16n1ko3kxKeaOeOrbtDFQtbR26vSXKVD_i2ElmUOodyxto_Rhz94oQ6UzHM6CMuMy6ExpJ3nBnQXTSjDYGlhqcdghMwndOCgLIeQJKNb3Fiys9qkHApavGe6pVu2_olmiVTDZMw9sJT3OZuJSY_7DnKvmKrb6OUYD688Ylg6-bPqmsOcp5wzKBkEXBPEw-gcE4mcN3HQh2qIUfGl19idChLOsSLZ33jdpU7uHmwXan7JQJ3lamHK7-t0uOkGJoG13mASqGbUzd5lk9yf1l6-IplX4FiHZSrS6COnWWGVpS0vTpmXOF-7zU8jDTHXoNK7NOJKgSFhzt-RrvwQBJ4hkvzxt-xcgTlZp8NJK_GWNSlsimoPJhmrqzRCvusxVahCb1ysfH3IjTjp6kBTmSznMattPNdz7kWL5zSjRxc5UXnpPg-8fX593Gims6EiTuoYxp6gHRy3ct_wPuaq34LT24_iumkkwu2ViCmSAcVjanj8WfS6sfM4AhvHUD89dbB-FSFaI25UF7ciaNe-ndzcx3Y94X0RvAYWtwOpfd4Whke0D_3StVRtJaG2FQQYqHK_cnfUPEQIkIwpImJFgfrHatPP1Lbb4zp3kM0Rsc4IgEbQZSkg_R6DLMffZVntQ2lzV53Z9HPy3jMNzr1BlnTY6TAYblyWLUfSdFUSR0w3XjVmrqqNyQ0PRhFpI2YQ_4Y_aXGrh2om45hXE4Ih_Xwq6CyrP8vOzB23xveF8zCBiXBoG7Hx-I5sD54bRFp_FQdEoNc964r3wLRhLS3BAA3sZ5BhV6a_qJ1-54xLdYquazvIrX5LmR7Q2xKJfTra42tRrHCUNEYzXksMl8wqJTTrt0pCp5Q2fuyxXwZ5OZOKJprdmJSagls3u6FNhbT9zlfTTEOhecrST4V0DHgo9GklTKd3THCtK2nBYtCbRzyERelHVTjjROjCSpPYx9KWI3dW8PeUL0biq_SHpjXL-YTfsycpa77m9uEfxXm-j_JzA6bQpWMrYxLfZ-bHbWcZj1Fpwp_FBCZ3RXirGDhW6wuXcxbaZkEeLt14eXpOJEh3tXI6o61sKId8iMlLSkIv_tCmccnw2RooG-CjMZa_JV8zvtkcCh3M-fs_HOLNxlm3iNcUK-DpK-fTABZEAhsG5lWzkZgRrwhsk_tsiPLSbRgO9B9sJ3l0WKCqOsKnQ99mUcQrjN8lzRUtpQRunJrMYki9mF-sgJ7ewfktXaEa-ehWN5L4QS-pPXlgC_7F5ZaUJzviOap0ltYsizYB-tsGgv-Xx9hAxVvlhfBZ0xckIT11HPXU87pwfOJD1RaRy0zfDiOnSn5C2Eh8SNRdDTELd_wcJyqdyKgArEaXUyqg0XzsyfdkBv8y5D52XYOu3roVbC-sSmHJgjEWI7OkuNWcQzjeAeK2uVBt6wpJAAXwbEwI9f8wmKVo02rIgz_o45iF7r1aEy-DETwDUmLF9zPsKhQ_2CkgGwaGqU7dyawoE8vHFyYH1CY7Y4Zw77AaWwI-FDVxk3mXlQC4G_zywOSaCK-ibRfGBZOBBEP-cr7A0qc0j_Qn4OB3w0bUSjULW8536UrrYSu4f2cehyUKuKbZmHxnnizJ1MZYuLEz6qN_XcsL94gE-Vpvj2bEO8Y-db4Yj1DqNVzTE6Wv6HYye14LOoU-c59cDSDyZvp_tIYZeU5Z5J8SKJdg5CknvDDX4b-pbXZNW4quVBrivy3rQB8Lqw7DiPky97QbNUXp3jpn1jhXIOJVIM8Wfr9hRKVdqD7dob6B5v8aKEX62RnTLQ8mAXF27KELCXlTr-mu7yl0vwGKcORgVgra_XUDDxPhgYyfiuBbeEvQGvdWmWwxQi_qlyKCei2Em6meGUcw1sI2ZNOP9Ic2BY1aieduoAgkCB6HWcatNmfbHE-gGHkOhpy5QzBFNx1y0MvKsnjXohNkDchum9qm4Mx0qpx6bW5B9NLziDVDZIsjIYJPBt6EF8ccknm4SaqlKrnrLOHobicMzGTHqPjqEiII50Dtt7DKy4td7QL2MNub99cS-i1ckbraSPpWs51zmkw&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8638
x-xss-protection
0
server
cafe
etag
1523618549969485492
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:18:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE14
611 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 17 Jun 2021 15:22:41 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C20A
43 KB
21 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
aa8ed414357cc5d42fb3b8530b68f3964b43bb585ffd80c65055a91af19c2b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C20A
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRcEyvyfzUtkA7tY3l3D4RtUwqwP0l0-Nqs51NXkrMP8kvhKjFSCGNsv1tHsaxsFw3S9XbOwnB8DO2xcYHcxYPgOon9UDCGkdd1Y-bS16-IKPFEKg
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C20A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C20A
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623842920177421"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38075
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C20A
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
10674426802404029766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:22:07 GMT
wl
t.pubmatic.com/
17 B
181 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/
17 B
93 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 527E
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061505.js?31061481
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:41 GMT
pixel
cm.g.doubleclick.net/ Frame C6C5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C6C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
43 B
931 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:41 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C6C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMtowX6-fDkfLuTo.m8DqwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQpK2PAhi7o7SrATAB&v=APEucNVUDKY9irDL_hSSkY14sE49t5r3fdcchuwHEDN26Da7FqaNCylFYErQrelY1OZIAfZMZ-tR7kiH5FeNMmo4GIjzRbpA7w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 15:22:42 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAnPssy-LS_j6Wht0GjCmBs&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92F1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs22fVnjVG6sGQRJ3v5wIvi-REQtdHgJLdcaML-M_1IZTGRY_qkmKAaj-LMdRFMDr7b4CVZHZATZa6Gr3MijtIFwrDGlI-l8krEXXqhkr5ucICHtdFhCNUDz7ScYyE-YRaj1QSLbm5b0tIoBI-PeMp9Rs7aMgQ40Rh6jAsdK-wR87gU7Q4ifBKKxoJ--AzjWJKQ6Da7CGbsXceElED523CbblVNCuAl08kIMiOZuODqOy3swJuYEPaUc7S_Qopyau2CNP-9g80q9fNCMmJZZDWUCayEElclnnEYMu9S68hoCuweq3j8Q&sig=Cg0ArKJSzH9W40T30KCKEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN (),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 17 Jun 2021 15:22:41 GMT
bounce
ib.adnxs.com/ Frame 9862
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
824 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid
be5dd20b-6ce3-4862-86a2-4d9d4618b051
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
0291adb5-e1cf-4c7e-8068-ab375b626472
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 6489
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
823 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid
595f0260-1e9b-4dfe-85ab-1c1cb3fa73c7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:41 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
c81e99b2-d7b3-41e5-aec4-658fab573111
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame C20A
22 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8638
x-xss-protection
0
server
cafe
etag
1523618549969485492
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:18:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/ Frame C20A
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210615/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 15:18:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C20A
0
592 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq3SyRunOVUp57OPew088gBDCbfcD79lyOYle_gDWHelhOwHIMRwFmHXLt_GG7Y7ffBhBPzUoUtQXRtOqPBzN-7emFrOQ1yNjd9YFtfZl_JizsQMsoOz5pm1d0IEtPLmmTEy6eUhFLu59SGPG9qAFKbrQ4LI1Vz5yokBz5weEb1lkb1NN4E-V6buZG7GcqCqlQlp1m-VujHRwpTD7i-9fcc71BkmYp1HylFPoReY7noM3wDytf-hnD8LWvEebRmaTsHizF0HfGnafZ53LVIdjw-vreTTCO73QBTcYfJWC1r6BXifPZGK3DppK-jiluPyynkA7nLO3coyO7REQ-hw9RmsXe3TDkftUXqxRA-94nvGGADyyAoZ-8Qap42to61s3Kn8qsXYld_EnrPYWwbWNUtSWYcHGWEd4yhOGyB-ecdZDrcFrGmFrWBpgo6Tj0-WqnCWA6TBEJo9NomiAuN0CGH-8BjeUZUMuOFsCQXIDQ0myiIUoBwOpS3788zwlinvVadica7O4ZZOF7H53Er9MujDW8w7F6oqTYDeuFVrUYkvmKB6iJDlxt7elD_PEMlrcJmOJ5zyCyBtR9dEWRobzTQbShLqmPtYLDupZKNM4wvYsEUkkFdtpe8naTXTFwDPAoBciX8rsR86uBzofCDcf_jWQlLHbvZDlzBnq4xq85kkeuUjfFgf022GguoxkjA4KuRN5oQ7CIQdeXigVUElkFyDndLy34MSSBYXftKKqdjeDNiwtg2hkfIiQJlMb7WdOw7EbnS03lUntBJLV6tlRpx2j2Tr7o6UGSP5oQBTTd_6hifc_VuI5nLx14-5xYubnaLGu5TyWdN1zDpKq8P13h77G-lCiXE71eTubgiGJCX3sHN_G4PdWbsWwCgr2Y3kIwPStnpYL_f1qcaQTTMhgHltSlpjNCzF_D7PRZMfHscNo891C7kavW6xs3tO0lHHdvfWV0iF8QhXv5tzlf5uvEbSy8__sh2mPx9fezvIAX5hfIZWzX1LsteYPd1IcDZESyBDSCZcoiUwU_PpQsQXoqino-koTaIPGY8AI5cGSsWDdYCUn1sSMw7fHbut9XA6cmsUgeJadzTZqi3yMHbxPE2vLckYAgDy8YugkRfsqkPpWRzx-PmRq2BJhdgHz4FfHpaEnfKkedpn4ZfuZu-PAMKOuP9GPCuYTp&sai=AMfl-YSoA8T0LamEDvAJCb6SbNRXUt9Gz8f7AEtbeHqmcFwxb63k3BLm22enrlPAVXxoESO4TxIXyO6EWrA7Lm6haCiXx_QMI2CZJsanL___Ps5w08WuJKa7O7blIsy-I4sFyWkoKl4iKbu5jOuxG49c_vC77ciUKQ&sig=Cg0ArKJSzJ_aLdbwW9OUEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210615.26868&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN (),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 17 Jun 2021 15:22:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C20A
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jun 2022 14:41:42 GMT
x-alps_300x250_DE.jpg
s0.2mdn.net/10662377/ Frame C20A
52 KB
52 KB
Image
General
Full URL
https://s0.2mdn.net/10662377/x-alps_300x250_DE.jpg
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b349c8bfd7eec7cb879275d711f5efb8e849546f5d822090c928bbb9841d136f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:59:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 15:59:14 GMT
server
sffe
age
8599
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53286
x-xss-protection
0
expires
Fri, 18 Jun 2021 12:59:23 GMT
index.html
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471
74 KB
18 KB
Document
General
Full URL
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
af5e9b35433ec684aea2833e3650071a7a8592889b74142df73fa84c22c15b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
18234
date
Thu, 17 Jun 2021 09:07:30 GMT
expires
Fri, 18 Jun 2021 09:07:30 GMT
last-modified
Wed, 26 May 2021 09:40:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
22512
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3E66
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUP9Mzwt_Oq1qZ9t0y1RNJTOkybI-JTCsbJbncB8Nvtd_ih1YH-haYgZrUpNiAgg7XfwLw1gzrVFBu3daHjAFiJw8rKAGX4AXfLSQHapNIjmIqA-awhAb9SOS3Jcq3iLrXk_xrHkhNtDHJhWKlxtNa_hK1ZDLFlHy-ppHg96GB7ydATq9EXZ0L4xAddED3F1yv_0hIDJwClHhvFCSVQLa4MohWQcRbMhAelgy9vMgVgNB2gvvPLo_b6NZKnRZFpDsD3lcZk-a_l1O_JENH-Msmw58TQFoqsj5a2U-_TGyVYXhvoV6rnU_qjri8qK7hBz6r1L5h1X8wVZU3aMrk5n93msesJuM75o6vj-RRuqSI1QOlBct6MRLpHkLCyd8cdiUw_jo69NUkbLbTHDjlbgtNCJ6xnV_qcj9Qr0dFS8GYYjDZHTSEHLog7lFiYkwPzy-xI-QELvvB45D7iUMVzhkcECg9Y6CJT4vfTacM7GUAg9frseQifwMHEEEksUMKafCrc1hQ9SMpZZPFkndnfe7JSKHI2NDcApql2ACJ175c8_zow_ynXApUFItOV3Ax9SHvyzJUscxzuw2TReFGaP-LvvGaIxVGAWeRonaxZAp9nkTmj5UlIs7nwpKLx_w2LkW6IK4b6e-i9pEf3e7oHi7KljXifqNVHVLJ4RctQWt5fw5vtS8yeLvLSoI9gdGePMRrmZrJP1PMOxPTNwc5Ex333RAEbx3S3Ucr1UoX1gv7kzFAFLy6NXFefXkirsFa95GXb3K2VAogTBge46ASJpIf8xCECvPV-qrG7e8tEyDli3WGXXq7vXtLNBGkYa_yIZH3TBgDnXmQ0mPLR8wzC7BsNp-qKYiGEpO2TDClpXUmf5JkTgjYnGfn6zwkbna5ea_YDTXVmz64vDlxuOjfO9lAHReF1y-bGa7i4-3xDs7eSqK64PSGYk7VO5sY3lTk91k8V4JDnZD7tYA2WRwqpLTBmb-nkvESKP7L7fAyUI-VSa7UXRcasbrTfodahHnMEDZ34sVrT7Cg-OFgO4Ax_0sFM96C8QKVvMVb2ueccSeUHaTFmJHLiT7GOYysQBYYXqaK69F5sgamzTuBPm3JRwkjNcbNIyft7YgVviTjXqgS2kaCEZPwcrKSiscH_v1pxgXQ6JU&sai=AMfl-YTa6BN6QgffdoYvvu0NhbK5uhDJz9jCmSxsnxMvjmdC5HMut4paYt0KOq6--dXTmzhT-kKZq76y2tNESh9rehXKp7vAsHCjKiURM72lmoa719IuivPN2H5wLv5nieglIP8Fhghip0Gjj6m16lt9vhTLrJB7-Q&sig=Cg0ArKJSzCSPzqHcugAdEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&cbvp=1&cstd=373&cisv=r20210615.97896&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN (),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 17 Jun 2021 15:22:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3E66
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:41:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jun 2022 14:41:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8752
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 17 Jun 2021 11:20:29 GMT
expires
Fri, 18 Jun 2021 11:20:29 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14533
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3E66
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fca6af4fb10a144d6759ed63c196455d44d235616391d3532c7d0d364ef71cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 0E18
12 KB
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 17 Jun 2021 15:15:58 GMT
expires
Fri, 17 Jun 2022 15:15:58 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
404
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E019
783 B
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w1/YmZN9Kzl4K7GMH8k61Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=217=QHeT_jf030FMtDXffOIWr2M9BVUImWyU6y1rwjY9EZSZhhQlQLXfRWYGY_ccS5njJ7XwEfXlpFkwr4CMp6jbp8V-2wju4sUlk7BZ8gGWewHzc9mZ2nu0YBuPC5u6JXE3nVXroiBVN-lEglH7d7GghEOfgTfJ6KUYLZ40YMaIcCo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Thu, 17 Jun 2021 15:22:42 GMT
date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-w1/YmZN9Kzl4K7GMH8k61Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.gr.19.8.206.js
static.adsafeprotected.com/ Frame 3E66
183 KB
58 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/722837/54927600/skeleton.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 22:03:45 GMT
server
nginx/1.16.1
etag
W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
setuid
ib.adnxs.com/ Frame CE14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1
43 B
1023 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN (),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
0bc212b7-5233-45a0-bcbc-eaac764f97f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAaIGtuwl4lVfvbvucyj74s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE14
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:42 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
c9cb026b-b21c-4195-b353-51dd41441215
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA1MDI5NjM5NTk0OTU0NTE2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CE14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN (),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDbY8X6sLH3EZaEStJpB_3M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CE14
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCHk4S5AhinvrerATAB&v=APEucNVplkN397p9TKCQMCO6gbb8cjiFluon_olX8GIFZDCPjl7lyRgdq68y_eF6NXvTzCrmrzzcQ70kc0W8ngKoRcKQatIZWw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmFmZjA5MWYtNjA2My0yNDQ5LWQwN2QtZTkxOTlkMTVkZmY5
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame C20A
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq3SyRunOVUp57OPew088gBDCbfcD79lyOYle_gDWHelhOwHIMRwFmHXLt_GG7Y7ffBhBPzUoUtQXRtOqPBzN-7emFrOQ1yNjd9YFtfZl_JizsQMsoOz5pm1d0IEtPLmmTEy6eUhFLu59SGPG9qAFKbrQ4LI1Vz5yokBz5weEb1lkb1NN4E-V6buZG7GcqCqlQlp1m-VujHRwpTD7i-9fcc71BkmYp1HylFPoReY7noM3wDytf-hnD8LWvEebRmaTsHizF0HfGnafZ53LVIdjw-vreTTCO73QBTcYfJWC1r6BXifPZGK3DppK-jiluPyynkA7nLO3coyO7REQ-hw9RmsXe3TDkftUXqxRA-94nvGGADyyAoZ-8Qap42to61s3Kn8qsXYld_EnrPYWwbWNUtSWYcHGWEd4yhOGyB-ecdZDrcFrGmFrWBpgo6Tj0-WqnCWA6TBEJo9NomiAuN0CGH-8BjeUZUMuOFsCQXIDQ0myiIUoBwOpS3788zwlinvVadica7O4ZZOF7H53Er9MujDW8w7F6oqTYDeuFVrUYkvmKB6iJDlxt7elD_PEMlrcJmOJ5zyCyBtR9dEWRobzTQbShLqmPtYLDupZKNM4wvYsEUkkFdtpe8naTXTFwDPAoBciX8rsR86uBzofCDcf_jWQlLHbvZDlzBnq4xq85kkeuUjfFgf022GguoxkjA4KuRN5oQ7CIQdeXigVUElkFyDndLy34MSSBYXftKKqdjeDNiwtg2hkfIiQJlMb7WdOw7EbnS03lUntBJLV6tlRpx2j2Tr7o6UGSP5oQBTTd_6hifc_VuI5nLx14-5xYubnaLGu5TyWdN1zDpKq8P13h77G-lCiXE71eTubgiGJCX3sHN_G4PdWbsWwCgr2Y3kIwPStnpYL_f1qcaQTTMhgHltSlpjNCzF_D7PRZMfHscNo891C7kavW6xs3tO0lHHdvfWV0iF8QhXv5tzlf5uvEbSy8__sh2mPx9fezvIAX5hfIZWzX1LsteYPd1IcDZESyBDSCZcoiUwU_PpQsQXoqino-koTaIPGY8AI5cGSsWDdYCUn1sSMw7fHbut9XA6cmsUgeJadzTZqi3yMHbxPE2vLckYAgDy8YugkRfsqkPpWRzx-PmRq2BJhdgHz4FfHpaEnfKkedpn4ZfuZu-PAMKOuP9GPCuYTp&sai=AMfl-YSoA8T0LamEDvAJCb6SbNRXUt9Gz8f7AEtbeHqmcFwxb63k3BLm22enrlPAVXxoESO4TxIXyO6EWrA7Lm6haCiXx_QMI2CZJsanL___Ps5w08WuJKa7O7blIsy-I4sFyWkoKl4iKbu5jOuxG49c_vC77ciUKQ&sig=Cg0ArKJSzJ_aLdbwW9OUEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&vt=11&dtpt=252&dett=2&cstd=0&cisv=r20210615.26868&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bzd5gyW9GaeeCmm3cKsIXEsCtHzoM9nX83-ads_LOJncAbLeNNq0fENDdR_oszbACEhvMaRFaxOwySCjTm8PaBv_-muDGll_p7a-lBS6oi33m-fR_tKMvY9jqqsXE9Rn2pqbVTRtiOziN_vXtZEe9QXGhGGA&dbm_d=AKAmf-CucHDyVevtvXz5USWEImCMZiRUY0WP6mJPgzqdSyz2qeYr6BiXtf5SrFD3ZqmaQWntckRI9r1Eu9kNb3dpElzIRUjDakexfIppbohovsjveT19J-1zXznFgk0Q9x8Xz6OPssEkRxV_T5JgCvPuPtq6-Ty23BXjoKz8CPm91UV1yANYkmgHlMGdew7EO60nWeIugFmO_68T1VUvgiMEYwjALWa8XQIco_gulhooGnnr7y5qiMd3SShuO-ckX9avd1XhJR_O8q-hr4PIcdNzC__QuQtc2Trp6DXLxOttXX_Ze1Ru-BQnAf_FlaiGA-BQ4p9whDTL52bugqZqoLr_xT9x_If90y2RMOjEUHTH6ufb1DuWLX92c6HJcZQJbsPM_QqyNTf6VM_d-3dTnWLrgUGRN4A1fnbD-Z95NPA-GpXeR4Y0X5dQ19KfrtqoKUHcCVEdITJVEGRDTsGO5-hnmGtafzXYwZHVaLkQjwILYdfIETDuU3AVSCbEIubPhRSyugooyUP97SsvE_EAwuEkCKFlvo5R5Y4EeW_lNIBlPTC2Mitxh0GCkQokPjRnbovyvL0hKdtSkbLeolwdACuyWHl9uNO1Xky6x3047ag4LcjRDGlf7puxzNuMj4MzNtb4SL-tGr7vAikfFh_qsZZ_LhYZP54fqetQvUzhYb7Gzy3bwq0mlZjgdDrixslVEoKzecgCJxKeOIlTOirUT-zefhS-umaQxaMouznhYUh6r6rabDx_gRSfxelj3QBbOmv-X0Ob1JJxhPFr-LPeh8dL0kfBbYYef4xSbyJUJedq0EJJWYEDjN52AqMkn8PO4lzqBhVK-il5qMq1pEEebnj6MH1I0EUGJ2aGQsGc6fVQuabnWKuF4Wz7jZQzlVEm3gb5g47QkE7I3QtsgtiFX6vjVJXsXnniFAW8NOH9OF8ZwFEN57xOBXU1ScFiO2CEknw4aDrV05jheWf-jCuKtpffS_Oosh-mAaMBmfmyHjtOkWmiaLz-pxdirnVe8NWTzupAa_Rlp7RYoqMrz--GzMLOhI_FQ7BgYtbPtT9ssl1iXiqJq7GLSAObEW6C6ZmYjor6j8kzr9AN4plSSIuHFvUs1_8LWj2s7kOHhfmxqSsRqixQcKSItLL4VVOp13n-6DfQKFZFKdwTBDD6q0A1-H3M8CzY7fO0zuKYNrvee57gOaY-xzI9pDyG2WPawOzSV47w6nVpqVPE18Usb0_xQZrnYOxtJO2fnmo8r1zov1WPYottZCIVr1KvTRLGYN8JtkcKFdcEj3D0HcHl1-OAxOAtgpIsD_Hu8nH0vyfZoK7vx7mDefuEWoNsviV52xU4wIQZvypOoXHdiq0ecKSk5heqrwM_ucIIeEWDgpPnUrkxoU9M3bFczpk_XjJnEhfy0bVmMdkbwsAxEPlBJEJYHnFoLEz9_rZBNhJsW9x5jVd3JzzrSyBmKEUYC86HL9oc0RyXzXVJMwHxQwszKGEuXB2fP8-Qya40GMYGN5C_IsZvKu_EONNCuzPYNNLkJXseV5XNjS_rCHXM7GwD0XGPZl3rrLDSW9lebTMiPTSbiRZi_5v_10pztms9bqMyOuVuS9PRD4CQm0Bcw46AQQw7znLi-JRIdzg6Ny4NFcqZ1jmD3Liex_fPkFmSyvhWpOl3cLnERXV3_AmMIDzJcVRhI5KCC-430lulMYtbN3b9vIPgkiZu-UX9SP6DvHwUnCBDtbacSGcHgztbsky8PAwdW-IJVoQUXXW--7y05x7kpXqMvxzoU9MHjqGX_k5jWy4gX2ed9DJZLuBr0svhCG9UErfnKpp4AcAdHdpQCCyIn4q3uH2qHbGbouaLiniFKInMN64ocisCFH9LKs4sIvAaYyPAN_I3kakU7ndLScWOlayKrWRLzvKr8p7Q-MtUoYNT0yY61w0mB8vEsAmaxif3gHjiqsZjuDOoRHJFKgjR9YTR_tgXeN2eSciH2Jbv0sfOi-NXOSOkrtI_gSbn15HHKmCF_cPSCRDrjfP4SzRzUsK-0-bPnia6hRRL40Lln_9V8Hv-hoZtQrJEwRE3QfyNQfXAWBNKxH-OW2qKd1F0iM89ByIbyIL_BZF_MmRLi9fTl3Q_keHAliUywocqljW50QNQCFBoE5OrgImn5YMvp6FIA7LU0H0TkR4_a1IivdSVlHyMtF7MqLYy3ljTQcgGcxXHRpQBvLdRnL9SiUp4hsCRmDL3RiL4RSvIr-Oidz9BpC9VfsfhsiOei61lxYIgvNfHoDsZITklZZzHNExsUSIxm5Iw_DCkFlv8z7XzSn9VpemslRnL91zdJwY81HJSEBoebD32iSGm0FECHpZamO75sulJGAQAXvFcyF3Epmqd155i91oxqnsN0WiaWQNx-qhnaGgm_Fgr8R-lFXN8u828ddlcxl-WNyde-j530ZG3OZYSBD5yt6TYdlJhUo-vTB1QRdfB2bOPXCU1z5N7FxG7vIznl0Vm6rm1hNRXasLeVaieH-UL4GCTecSIZEyfUvOm8G-JeWQhV6zW_-qJXVR5xn8RMB1tw9Ekgwl05cdi0a0GsbefsdFSiRKPW27OWah_6W8aXbXz1y6Fb0285vpDpDKkEGYfy3wsAMO-Jeumtxo_nET1KQ2ct2a9RSxvPbhLE2X4Rw6mdJgu-wEGyT9MXqYBfRBbsrLt29JfhfR3gXlEoupTDD1F10BJZjKZrTPhWFO_og47umpp2qklkNI5xRyLqBlo456s04kj2Qz0J9A_Xti7_9KJUo6l3ejmrIzt5vAWhEXV0gp25oZVRfwehPPnZ76XMe94H_oIrH3VbPDzbv9c1yn1FcynEEYuSr1wLOY4nTPPUTlWBUX3zk5rpXBgx4fJ_UxqLPdRZ1QmsvnduMt7XFezPLArbnayrF75ctCefKLZtkyzK18SfticE9ayuRSyQ4sAZvq-agaq5_UdhKy5zJV4wqqy9rW4aDwqrF2iDVyYNCAFjiFZWdFQv3Nn5t3x77U&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN (),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODkvbGFpX2t1YW5saW5fMS5qcGc=.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/
6 KB
6 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODkvbGFpX2t1YW5saW5fMS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d1587636a9c7a7b7b4d2195816df56f74691d6f79aada1fa9dd165a604f18055

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 11:43:06 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1110864929564959740
accept-ranges
bytes
content-length
6077
expires
Sat, 17 Jul 2021 11:43:06 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODUvYnRzLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/
10 KB
10 KB
Image
General
Full URL
https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI2ODUvYnRzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2e024d2635ce2f90bbdfbb28275fb07356861355cc41a1fbbd941090b4f1500d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:18:11 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2589938892929008195
accept-ranges
bytes
content-length
10160
expires
Sat, 17 Jul 2021 12:18:11 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 621A
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 17 Jun 2021 14:41:43 GMT
expires
Fri, 17 Jun 2022 14:41:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1DC8
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Thu, 17 Jun 2021 14:41:43 GMT
expires
Fri, 17 Jun 2022 14:41:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc-script-v2.min.js
sal.isanook.com/dc/
25 KB
11 KB
Script
General
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
25278
date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 11:46:30 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10744
expires
Sat, 17 Jul 2021 15:22:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F48A
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 17 Jun 2021 11:20:29 GMT
expires
Fri, 18 Jun 2021 11:20:29 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14533
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C20A
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e307cbea956bb4cd15b157afe146353365f7769055929cc41171eff14706ee55

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 527E
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 92F1
0
0

jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1623943362.dop136.fr8.t,1623943362.cds244.fr8.hn,1623943362.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 5471
28 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:41:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Jun 2021 14:41:43 GMT
i.match
s.tribalfusion.com/z/ Frame 8752
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-...
43 B
468 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
660d46626ebb4e3e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
cf-request-id
0abc2a517e00004e3eee143000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
441
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
660d46611ba84e3e-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDC_C5PH8AHvUhjbXZiUzSE&google_cver=1&google_push=AYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJ-C6i-WCFF9cStbfZ0VyGtsl1XAWdSTVKK46YlBCsiInTUAbWuCAEZaFDeFAta1PMGRTaASYHu6QDbs1bs9zdUiNTMFJ-x%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0abc2a50aa00004e3ef109e000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPPZE_GrIzrtp_t6KDjDZXk&google_cver=1&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1h...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Jun 2021 15:22:43 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPI2OcIv_0tTelP8sat6Um04c7FW1v3SlPxEEjpmxLBaJR25i89-yAc_kFKiZHWLYFu2AV-1hqUW_Z1bVG7t3hSONbh8oFy5
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
s/kUg+JniRaQnXc4LCsAAA==
pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESELXT67Y1z5Tuuk1hUs410nM&google_cver=1&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 17 Jun 2021 15:22:42 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hiEeHY2VQiObXZJwxtNttQ2&google_push=AYg5qPIaIBGsKVJYM8XqP1f0PGOa1D1IAZy2tfRDRjSbPNsQlcOOklZheJdBRkmX8wlF266leXgkdp_MjWhpYFkFeT0d-WJfeQtx
x-host
tde-deliveryengine-production-84b97f78fc-9n4gv
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1s...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:43 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKCVVLxjmZXS_E1ufXEacfi35jHJrjvyIVHJYZltHDjMfffAysVhtT_KTd_lmMIkp7zxIllxbFORqpc0J0t624dfVHZoCj8&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41Pg...
0
0

pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKy_HT9X754iB58CvdCtUmg&google_cver=1&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKusv1KQhhAIyG7OQNyeboZlVBqOrovGNpKwGaqJVKrZQzl39zLreeHV3YWz5b6OF0i_mUcL6y7j8d7-OvUWpclWFB3LN8&google_hm=ODE5ODMwNDkzNTY4MzE0NDMxNg%3D%3D
date
Thu, 17 Jun 2021 15:22:42 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8752
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQ...
  • https://ads.avads.net/sync/ggl?google_gid=CAESEL1sniIw6eE7EeFKBmMt61I&google_cver=1&google_push=AYg5qPLmfX9pxDwx1bh2E7bJoHfoEHjQsqC8BmuS7OSfr36WMwmEUCtZclq9Ex0ppxvIRMZQBPK-BXZ4qJS4QkgYML92RSlIZsqvQQ
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=ZWE0MGEzNjctNzRjNC00NGFlLTllZWEtOTlkZGUyOGI5YjUw
date
Thu, 17 Jun 2021 15:22:42 GMT
x-envoy-upstream-service-time
3
server
istio-envoy
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8752
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4o5gAWFG4zDup4Wa6pvfsfwmd_MEZ6kPuS00IWigqe-5QTj4b7v-7NtSUNk8WVEWl8knrpQ
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 3E66
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUP9Mzwt_Oq1qZ9t0y1RNJTOkybI-JTCsbJbncB8Nvtd_ih1YH-haYgZrUpNiAgg7XfwLw1gzrVFBu3daHjAFiJw8rKAGX4AXfLSQHapNIjmIqA-awhAb9SOS3Jcq3iLrXk_xrHkhNtDHJhWKlxtNa_hK1ZDLFlHy-ppHg96GB7ydATq9EXZ0L4xAddED3F1yv_0hIDJwClHhvFCSVQLa4MohWQcRbMhAelgy9vMgVgNB2gvvPLo_b6NZKnRZFpDsD3lcZk-a_l1O_JENH-Msmw58TQFoqsj5a2U-_TGyVYXhvoV6rnU_qjri8qK7hBz6r1L5h1X8wVZU3aMrk5n93msesJuM75o6vj-RRuqSI1QOlBct6MRLpHkLCyd8cdiUw_jo69NUkbLbTHDjlbgtNCJ6xnV_qcj9Qr0dFS8GYYjDZHTSEHLog7lFiYkwPzy-xI-QELvvB45D7iUMVzhkcECg9Y6CJT4vfTacM7GUAg9frseQifwMHEEEksUMKafCrc1hQ9SMpZZPFkndnfe7JSKHI2NDcApql2ACJ175c8_zow_ynXApUFItOV3Ax9SHvyzJUscxzuw2TReFGaP-LvvGaIxVGAWeRonaxZAp9nkTmj5UlIs7nwpKLx_w2LkW6IK4b6e-i9pEf3e7oHi7KljXifqNVHVLJ4RctQWt5fw5vtS8yeLvLSoI9gdGePMRrmZrJP1PMOxPTNwc5Ex333RAEbx3S3Ucr1UoX1gv7kzFAFLy6NXFefXkirsFa95GXb3K2VAogTBge46ASJpIf8xCECvPV-qrG7e8tEyDli3WGXXq7vXtLNBGkYa_yIZH3TBgDnXmQ0mPLR8wzC7BsNp-qKYiGEpO2TDClpXUmf5JkTgjYnGfn6zwkbna5ea_YDTXVmz64vDlxuOjfO9lAHReF1y-bGa7i4-3xDs7eSqK64PSGYk7VO5sY3lTk91k8V4JDnZD7tYA2WRwqpLTBmb-nkvESKP7L7fAyUI-VSa7UXRcasbrTfodahHnMEDZ34sVrT7Cg-OFgO4Ax_0sFM96C8QKVvMVb2ueccSeUHaTFmJHLiT7GOYysQBYYXqaK69F5sgamzTuBPm3JRwkjNcbNIyft7YgVviTjXqgS2kaCEZPwcrKSiscH_v1pxgXQ6JU&sai=AMfl-YTa6BN6QgffdoYvvu0NhbK5uhDJz9jCmSxsnxMvjmdC5HMut4paYt0KOq6--dXTmzhT-kKZq76y2tNESh9rehXKp7vAsHCjKiURM72lmoa719IuivPN2H5wLv5nieglIP8Fhghip0Gjj6m16lt9vhTLrJB7-Q&sig=Cg0ArKJSzCSPzqHcugAdEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1079&vt=11&dtpt=702&dett=3&cstd=373&cisv=r20210615.97896&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN (),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
passback_970x250.js
static.adsafeprotected.com/ Frame 3E66
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/722837/54927600/skeleton.js?adsafe_url=https%3A%2F%2Fwww.sanook.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F279139b216d50708ee96d298a4ab7a8d.safeframe.google...
  • https://static.adsafeprotected.com/passback_970x250.js
3 KB
1 KB
Script
General
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:25:27 GMT
server
nginx/1.16.1
age
270784
etag
W/"094948b2d1170876fb8e76e432d87da6"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_970x250.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.5.js
static.adsafeprotected.com/ Frame 42ED
82 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.5.js
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 15:29:23 GMT
server
nginx/1.16.1
age
2849309
etag
W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
SPug
simage4.pubmatic.com/AdServer/ Frame CE5B
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:29:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 3E66
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=722837&asId=f091177f-b027-386e-5353-567f607fc2a4&tv=%7Bc:fOtaXy,pingTime:-2,time:776,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:993,bdZ:1177,beA:1514,beZ:1516,mfA:2096,cmA:2098,inA:2098,inZ:2103,prA:2103,prZ:2129,si:2178,poA:2179,poZ:2193,cmZ:2193,mfZ:2193,loA:2221,loZ:2224,ltA:2288,ltZ:2288%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:970,h:250,t:661%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:777,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:661,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B191~1%5D,as:%5B191~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sABCQNm+11%7C121%7C122%7C123%7C124%7C125%7C13%7C14%7C15%7C16%7C171%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.722837-54927600%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1f2%7C1f3,idMap:1d*,rmeas:1,rend:0,renddet:na,sinceFw:109,readyFired:true%7D&br=u
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
x-server-name
dt39.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cm
a.rfihub.com/ Frame F48A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEIIz5Aw4ZIcg9Az7X1mytAw&google_cver=1&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJRbrMaHMxipd0BAdtHkggVBuDrjjfkxF-BwkDVa_oSz519kzqjsmkSw_F9XO0Y9tPrUjVDI_PAwEFNrrZfbcX-b1q592Y&google_hm=NTU0NjkxNzE3...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
814 B
Image
General
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN (),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 17 Jun 2021 15:22:43 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEJ2NoYAdRQBUkEq5MFNnR5k&google_cver=1&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpT...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPI1LnmoqDZZ_VfKDSeuep_1r89jKFKKDPSbyyJbafgRS_99efksru43toUigN3WENS4x8ZD-19yGpTzkxGNqhXDrIv1NjA
Date
Thu, 17 Jun 2021 15:22:42 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEL5ooMy-duwDhXQ8Kr12aso&google_cver=1&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=MW5ZaFdKZjNCZ3VYNVpoY3cyakxZQQ%3D%3D&google_push=AYg5qPIAwGWFDqV6hjjtgE_UoMMSadAg1etcuo9myw9V9rOwsZGWL4vZWjAfr0TwMRF019HzQmKW4PxCQ_1D_EyV_VFwJPyY2pY
date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_cver=1&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1t...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIR1SFfDufzbtJsDt7vDcXE&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1t...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:43 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKT9cVv5dnknrwGC0YqA6KcUrYsZmOIXQoCa8wnZPSQJKi3Tdmjsvo1Z27kJo3u8XrdCANu4YufL2T1tHF-36UN1A-BR-w&google_hm=dk1zU2F5UjhFRXI2SS1sVGdwekw=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEMqc9XIntouNY9GUOhWVClQ&google_cver=1&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOt...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Zzdyb3FzMW1FMWZN&google_ula=2046794&google_push=AYg5qPJHr6gtHaSCBkOKVxQcOimEK-nl12Mv-pFKK9SsffOWHUtJkhXqSBLFcFXeo-xwgcuAv5QX6Z57P0DbbT35EuatjOtRz6c
Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccO...
0
0

pixel
cm.g.doubleclick.net/ Frame F48A
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhT...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJ2pQb2FilyWVWqbabbzzcAlZlQgDrS64shWE4fobfUMZkhaxiTTXvGrBe4PHqJq9m9Wm42PicRhTF4u7YkVC34UDxnfsE&google_hm=95f5116d-8660-49f1-8d4e-61cc2201e743
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F48A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZkHI8DsOuKsGD-fC_rW_YFwcy4gh84DuNYx9bICzKbc-3CMaIejkTZOeaUTosx3lLdAun
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN (),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame 621A
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
2216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 14:45:46 GMT
970x250_1.jpg
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471
95 KB
95 KB
Image
General
Full URL
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/970x250_1.jpg
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
92cda8cd6907fe242599f75e1dcca214ea3a56ffc20de464274671cfa7e84359
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 11:31:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 09:40:15 GMT
server
sffe
age
13885
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97446
x-xss-protection
0
expires
Fri, 18 Jun 2021 11:31:17 GMT
970x250_.jpg
s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/ Frame 5471
94 KB
95 KB
Image
General
Full URL
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/970x250_.jpg
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
018f975cac19b045936b6b2f51927fa51e9d60c11f795c5caea12383ba66efdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9331698/2274197350240677/CKPRIDE-PRIO01-970x250-opt-1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:30:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 09:40:15 GMT
server
sffe
age
6737
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96736
x-xss-protection
0
expires
Fri, 18 Jun 2021 13:30:25 GMT
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame 1DC8
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
2216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 14:45:46 GMT
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 3E66
28 KB
29 KB
Image
General
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.146 Dublin, Ireland, ASN (),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
last-modified
Wed, 14 Apr 2021 17:24:57 GMT
server
nginx/1.16.1
age
174936
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
x-cache-status
HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
28949
query
global.cloud.netacuity.com/webservice/
535 B
407 B
XHR
General
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.136.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7955771d2fe473ec86fe88d6eaf05702eacabb3887252305d6cd3675e5bebcae

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 17 Jun 2021 15:22:43 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
content-length
247
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E66
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWFxFK-Mfqutcre-VnVbwqXtJe3yo-bEY71lhJr036ki3a_8DfW2EeVV3Bkk1vqTaHbMI37sq03RFzas8V_UO73YW34TGxU6eWBPSMCC3E-STpXykQeh285v8&sai=AMfl-YR17BDFVYHaqKHKDl_-wiB1Sg4Z90CawfoVNabBDzk7OQWYBStTh2f-JR51RPHAFdN0OvlLHm4ev70BzxtCgRnPZO0Mm8mqqlU2a8OUBVoAhcJwuKHm0k9DAlk&sig=Cg0ArKJSzDp5aVUVPLwhEAE&cid=CAASEuRoXy37hcHJhWGq4a2u23hyyg&id=lidar2&mcvt=1029&p=75,315,579,1285&mtos=983,983,1029,1029,1029&tos=983,0,46,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2010139517&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943360639&dlt=171&rpt=2&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3E66
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=722837&asId=f091177f-b027-386e-5353-567f607fc2a4&tv=%7Bc:fOtb3O,pingTime:-10,time:1164,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623943363310%7C%7Cf82613ef85b4e231f35fbb691d5fce2f%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ce6635336451eca9e44bb54ad100d9835%7C%7C4540936df24fa1cdf41ca763d3f339dd%7C%7C63688266d639c35768133f976481c182%7C%7Ca7307b20a433ebfe4b3ed2dba4c508ba%7C%7C30580f651499e42c5f4addd0d4361d63%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:1429,ecd:86,tsecr:41%7D%7D%7D
Requested by
Host: 279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
URL: https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
x-server-name
dt45.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
a.js
p.adlooxtracking.com/gpt/
6 KB
3 KB
Script
General
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 09 May 2021 19:55:21 GMT
server
nginx
age
2423
etag
W/"b83f21b3b86f8c5af4a60b50b2412f5f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=3600
timing-allow-origin
*
alt-svc
clear
content-length
2692
PugMaster
image6.pubmatic.com/AdServer/ Frame 436B
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31602563&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
25d8e265f2cc90dc5767f18d5e03f9a2b9b2e4d08e0f299b0f70d9e68f95d998

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
nr-1071.min.js
js-agent.newrelic.com/
23 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19131-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1623943364.525231,VS0,VE0
date
Thu, 17 Jun 2021 15:22:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
145
syncframe
gum.criteo.com/ Frame E00C
2 KB
2 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN (),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.sanook.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2283
set-cookie
uid=f1eeef4e-a390-433c-b855-fed511f9a93c; expires=Fri, 17 Jun 2022 15:22:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 17 Jun 2021 15:22:42 GMT
content-length
1129
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061502&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
c00442991f84b40f39671db850b3a2a446442fa9c2053ee17963c2eaba1ebc2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 17 Jun 2021 15:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7954
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 17 Jun 2021 15:22:43 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CA70
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32580438&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8C1E
4 KB
4 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68826605&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame C20A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9ZzJK_LExj6kzbRtBsC2evjzHTuAQhkUMboM-MFibFQ61ijsmcfP9MlbyOJC9aV47JrWsZplzhM2OeaeHV5Ha2Qc52LtaCbvhPGcauCad87Ek3jLtQOWpJ0Y&sai=AMfl-YSKM0_Hw8xVfoSe2-xIHmdpCMVkCOKLQA-YdNsuMjoOa8zi8Up0IZ58bOoocNAXCNVmTDPz_YWMWkjFbbjoQVco-7jy1oNjyO-Ufiuo6diApa3HeThexM_uoxQ&sig=Cg0ArKJSzMI9qyiu5wVtEAE&cid=CAASEuRoEOHLJ-6RBH9cYbQNDFvysw&id=lidar2&mcvt=1040&p=924,1045,1178,1345&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3191418387&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623943361062&dlt=190&rpt=2&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame DBDA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5565809440969734050; expires=Mon, 16 Aug 2021 15:22:43 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sat, 17 Jul 2021 15:22:43 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
42 B
283 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:455
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFQ_CdaLqhO_hSk787uGVrU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 436B
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN (),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 16 Jun 2021 15:22:43 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4EF0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
42 B
211 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5706252579533875417; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
lhrpug003:0:547
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5706252579533875417
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
42 B
380 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:523
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5565809440969734050
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:403
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Jun 2021 15:25:05 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
42 B
449 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:319
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3c59c16a-1a06-4cb4-be13-f1834f838c79
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 8306
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
110 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KRTBCOOKIE_27=16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_80=22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4; KRTBCOOKIE_57=22776-1807299555491511333; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug011:0:470
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Thu, 17 Jun 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3035
date
Thu, 17 Jun 2021 15:22:43 GMT
content-length
205
Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
42 B
211 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:43 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.146:80
AN-X-Request-Uuid
ccb1fb71-215c-4bfa-ab4d-51bf38929415
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7050296395949545166&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
42 B
430 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:442
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=1ddc91a8-187f-4ea7-bd36-48da481362fd&expires=1&user_group=5&ssp=pubmatic&bsw_param=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:415
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 17 Jun 2021 15:22:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame EE39
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
42 B
366 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1101=23040-6974783621786957973; PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KRTBCOOKIE_27=16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; PugT=1623943361; KRTBCOOKIE_153=19420-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X&KRTB&22979-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X; KRTBCOOKIE_80=22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4; KRTBCOOKIE_57=22776-1807299555491511333; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6974783634662422677; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PugT=1623943362; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug016:0:431
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6974783634662422677; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6974783634662422677
cookie-sync
match.prod.bidr.io/ Frame C95F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACdl07BltIAADHiFrJ8dQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.246.140 Dublin, Ireland, ASN (),
Reverse DNS
ec2-52-209-246-140.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AACdl07BltIAADHiFrJ8dQ; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Thu, 17 Jun 2021 15:22:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-f8gpb
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=6MGEpDBlvsC4;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None pb_rtb_ev=3-17oy|7dN.0.AACdl07BltIAADHiFrJ8dQ;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;SameSite=None INGRESSCOOKIE=240b531c64ff9bc3; path=/; HttpOnly; Secure; SameSite=None
location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AACdl07BltIAADHiFrJ8dQ&pid=558502&do=add
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:bd0954c4-79e1-4853-8239-2b14fbb05613&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2998
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
42 B
232 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:516
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 436B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8LpOp72pR8KVluWsa-_FBw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122487
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 19 Jun 2021 01:24:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Jun 2021 15:25:05 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7da860cb-68c1-4400-b4d2-4193ed8c6ff0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 17 Jun 2021 15:25:04 GMT
/
pixel.onaudience.com/ Frame 436B
35 B
248 B
Image
General
Full URL
https://pixel.onaudience.com/?partner=214&mapped=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjBCQTRFQTctQkRBOS00N0MyLTk1OTYtRTVBQzZCRUZDNTA3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 436B
43 B
704 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-kjcy56tE2uVTps1MbfEO6dUKUkJnWY4-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
1 B
235 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:428
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623943364.729888,VS0,VE0
x-served-by
cache-hhn4059-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMtowAAB4BFG9AA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 436B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
1 B
172 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:507
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2751009170363871789&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 436B
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame CA82
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 17 Jun 2021 15:15:58 GMT
expires
Fri, 17 Jun 2022 15:15:58 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9850
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
461301b0bc46c1f0f8eebfdb301d3976e7e65c5f5ecf3e1e684f1008ded4fd75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qigMvEh70fwKnYH64FIYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=217=QHeT_jf030FMtDXffOIWr2M9BVUImWyU6y1rwjY9EZSZhhQlQLXfRWYGY_ccS5njJ7XwEfXlpFkwr4CMp6jbp8V-2wju4sUlk7BZ8gGWewHzc9mZ2nu0YBuPC5u6JXE3nVXroiBVN-lEglH7d7GghEOfgTfJ6KUYLZ40YMaIcCo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Thu, 17 Jun 2021 15:22:43 GMT
date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qigMvEh70fwKnYH64FIYtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
8f062114d3
bam.nr-data.net/1/
57 B
274 B
Script
General
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=9064&ref=https://www.sanook.com/&be=2240&fe=8858&dc=2536&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1623943354585,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:597,%22c%22:597,%22s%22:607,%22ce%22:1221,%22rq%22:1221,%22rp%22:1428,%22rpe%22:1629,%22dl%22:1431,%22di%22:2536,%22ds%22:2536,%22de%22:2536,%22dc%22:8858,%22l%22:8858,%22le%22:8865%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN (),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
Pug
simage2.pubmatic.com/AdServer/ Frame 30F6
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/html; charset=utf-8
x-lat
amspug018:2:212
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=619388b2-c341-4fda-ae75-7c252c51bf01; path=/; domain=csync.loopme.me; Expires=Sat, 17-Jul-2021 15:22:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 17 Jun 2021 15:22:43 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 79D9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7419099741
  • https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79
  • https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
42 B
269 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; PugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
amspug010:0:459
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 17 Jun 2021 15:22:44 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003%22%7D; path=/; expires=Fri, 17 Jun 2022 15:22:44 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
etag
RX3e12531d9bdc4cc1a017682926c3b39d003
Pug
image2.pubmatic.com/AdServer/ Frame 524F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
42 B
295 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
lhrpug011:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 17 Jun 2021 15:22:43 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=2uoHxe3WuQKCVYKp51E6W_g6; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 2212
42 B
1009 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0abc2a54a500004e6ded1de000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660d46676f934e6d-FRA
bridge
cm.adgrx.com/ Frame 4B97
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 17 Jun 2021 15:22:43 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
a.tribalfusion.com/ Frame 90E1
43 B
802 B
Document
General
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
a.tribalfusion.com
:scheme
https
:path
/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aPntmIwZcF1eoXarpfrgWYUdbIlZa6ZaDZdx5nociTcWxCnfr52dZdvnFUba4ogLxShwIs06rvLOrMfycH4WMrRFd2Ks1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aOnvQwSyZaRGRT8vnQ2fP6iKCfUfCuiZdX5FoUm7crGZcRXFZaTdLcWsMZcJ7NHTolKo2wXEt3YmJnkcJyoVZd00mLZc1kyO4ZbNdwZbnJOPlMCRcQx2qnZbRl; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:43 GMT; SameSite=None; Secure; ANON_ID_old=aOnvQwSyZaRGRT8vnQ2fP6iKCfUfCuiZdX5FoUm7crGZcRXFZaTdLcWsMZcJ7NHTolKo2wXEt3YmJnkcJyoVZd00mLZc1kyO4ZbNdwZbnJOPlMCRcQx2qnZbRl; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:43 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0abc2a54a300004aaab5aa6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660d466768aa4aaa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 0246
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
1 B
87 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug015:0:327
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-rq74x
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=xYHBXYjvvZBG;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=8dc9a4781239c016; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=xYHBXYjvvZBG&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D26F
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1623943364.929295,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1623943364.837558,VS0,VE56
x-vcl-time-ms
56
content-length
0
141
match.deepintent.com/usersync/ Frame 0481
0
39 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 17 Jun 2021 15:22:43 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame 335B
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B
Document
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN (),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1623943364152; TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1623943364152;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 78AC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
42 B
211 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:uVXSSrX61LTTQT5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/ PugT=1623943362; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug006:0:444
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 17 Jun 2021 15:22:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:uVXSSrX61LTTQT5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=uVXSSrX61LTTQT5; Domain=.w55c.net; Expires=Sun, 17-Jul-2022 15:22:43 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 17-Jul-2021 15:22:43 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B4EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; PugT=1623943362; KRTBCOOKIE_279=22890-dd2704a8-cf7f-11eb-9754-ed51a704cc59&KRTB&23011-dd2704a8-cf7f-11eb-9754-ed51a704cc59
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-YwRIQ_olQm1kwyD-lacPdSV4iZ4; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
amspug012:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 17 Jun 2021 15:22:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=YwRIQ_olQm1kwyD-lacPdSV4iZ4
Set-Cookie
sa-user-id=s%3A0-63044843-fa25-426d-64c3-20fe95a70f75.6OP5lCFnBj1QIseyldskbDJW773IDR9CeGTiciHaKQc; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-63044843-fa25-426d-64c3-20fe95a70f75%24ip%2437.120.137.158.BQChWUze%2FND7EOZuFLe448tTS3NYv4bTOVfY1LR4WUo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 98B7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
1 B
68 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; SPugT=1623932986; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug016:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
expires
Wed, 16 Jun 2021 15:22:43 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 024D
0
114 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:45 GMT
Content-Length
0
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame CA70
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
7 B
86 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:44 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Thu, 17 Jun 2021 15:22:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame CA70
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
42 B
601 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CA70
95 B
200 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
660d46675bcb16e6-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0abc2a5493000016e6ebace000000001
/
loadm.exelator.com/load/ Frame CA70
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN (),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 17 Jun 2021 15:22:43 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:274
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:44 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
c6bbd709-e7c1-4986-b242-4eada65cd634
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:353
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_d9ce3f4b-c468-411d-8427-001fa7f18f4e
date
Thu, 17 Jun 2021 15:22:43 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame CA70
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
1 B
371 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:414
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd1550d8-cf7f-11eb-a11f-7b7d63553c25&gdpr=0&gdpr_consent=
Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
dd1550d9-cf7f-11eb-a11f-7b7d63553c25
Artemis
aud.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
7 B
87 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:44 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame 8C1E
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:41 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 8C1E
95 B
177 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
660d46676c0b16e6-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0abc2a54a6000016e6ce3c6000000001
/
loadm.exelator.com/load/ Frame 8C1E
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN (),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Thu, 17 Jun 2021 15:22:43 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame B962
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=utf-8
x-lat
amspug015:2:248
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=af353b54-dc66-4afc-94f3-a9af18406a74; path=/; domain=csync.loopme.me; Expires=Sat, 17-Jul-2021 15:22:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 17 Jun 2021 15:22:43 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 6056
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5263073156
  • https://sync.1rx.io/usersync/tradedesk/3c59c16a-1a06-4cb4-be13-f1834f838c79
  • https://sync.targeting.unrulymedia.com/csync/RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
42 B
347 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; PugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/ PugT=1623943361; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat
amspug009:0:290
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 17 Jun 2021 15:22:44 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003%22%7D; path=/; expires=Fri, 17 Jun 2022 15:22:44 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003
etag
RX3e12531d9bdc4cc1a017682926c3b39d003
Pug
image2.pubmatic.com/AdServer/ Frame 1D19
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
42 B
295 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; PugT=1623943362; SPugT=1623943362
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
lhrpug012:0:394
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 17 Jun 2021 15:22:43 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=2uoHxe3WuQKCVYKp51E6W_g6; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2uoHxe3WuQKCVYKp51E6W_g6
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 33C3
42 B
132 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0abc2a54eb00004e6dd2305000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660d4667d8894e6d-FRA
bridge
cm.adgrx.com/ Frame A95F
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 17 Jun 2021 15:22:43 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:262
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 17 Jun 2021 15:22:44 GMT
X-Proxy-Origin
37.120.137.158; 37.120.137.158; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
79cb1052-f37d-41d1-906e-ed5177258f3a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7050296395949545166
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:364
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_9de1c230-afe0-4737-be5b-a35c97fd4049
date
Thu, 17 Jun 2021 15:22:43 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
i.match
a.tribalfusion.com/ Frame 02F4
43 B
760 B
Document
General
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
a.tribalfusion.com
:scheme
https
:path
/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aPntmIwZcF1eoXarpfrgWYUdbIlZa6ZaDZdx5nociTcWxCnfr52dZdvnFUba4ogLxShwIs06rvLOrMfycH4WMrRFd2Ks1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:44 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aInvQwqkaHbBykt9ZbOaRehHFnOZd7utJ1Va1TBIaHWZaOhY3Xqxs5DFHiGHlP71mx54LZaUQZdn0yh8ZaPZa5i02NfKZdKvC5Dx5iEUnJSibYVUnf2qnWvc; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:44 GMT; SameSite=None; Secure; ANON_ID_old=aInvQwqkaHbBykt9ZbOaRehHFnOZd7utJ1Va1TBIaHWZaOhY3Xqxs5DFHiGHlP71mx54LZaUQZdn0yh8ZaPZa5i02NfKZdKvC5Dx5iEUnJSibYVUnf2qnWvc; path=/; domain=.tribalfusion.com; expires=Wed, 15-Sep-2021 15:22:44 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0abc2a54e600004aaab5aad000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
660d4667d9d24aaa-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame D023
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
1 B
68 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:42 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:42 GMT; path=/
x-lat
amspug017:0:378
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-78x9q
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=kPsjcOHq5U6w;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 12-Jun-2022 15:22:43 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=fdf77391205c62cc; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=kPsjcOHq5U6w&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A001
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=06dde151-7833-42e8-b13d-92f1f254a28b-tuct7c4ee43
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1623943364.927205,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 17-Jun-2022 15:22:43 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3db4d301-16f9-494e-a64e-ddd1f5b18b7b-tuct7c4ee43&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 17 Jun 2021 15:22:43 GMT
via
1.1 varnish
x-served-by
cache-hhn11571-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1623943364.838038,VS0,VE8
x-vcl-time-ms
8
content-length
0
141
match.deepintent.com/usersync/ Frame 7E0C
0
16 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 17 Jun 2021 15:22:43 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame 6CF2
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B
Document
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN (),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1623943364152; TapAd_DID=ab7fde0e-3e3d-4d0b-ba3f-f6dcda905f68
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 17 Jun 2021 15:22:44 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1623943364151;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=8f0c3083-cd0d-4c6a-89bf-9cab81bb5569;Expires=Mon, 16 Aug 2021 15:22:44 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 61FC
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
42 B
211 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; PugT=1623943362; KRTBCOOKIE_107=1471-uid:uVXSSrX61LTTQT5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/ PugT=1623943363; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:43 GMT; path=/
x-lat
amspug020:0:436
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 17 Jun 2021 15:22:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jteJnx0x1LTTQT5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-00d497958362b52d3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=jteJnx0x1LTTQT5; Domain=.w55c.net; Expires=Sun, 17-Jul-2022 15:22:43 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 17-Jul-2021 15:22:43 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8C1E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
1 B
216 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:22:42 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:394
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=dd2704a8-cf7f-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Date
Thu, 17 Jun 2021 15:22:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
dd2704a9-cf7f-11eb-9754-ed51a704cc59
Pug
simage2.pubmatic.com/AdServer/ Frame BAF7
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
42 B
375 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; KRTBCOOKIE_377=6810-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&22918-3c59c16a-1a06-4cb4-be13-f1834f838c79&KRTB&23031-3c59c16a-1a06-4cb4-be13-f1834f838c79; KRTBCOOKIE_336=5844-5706252579533875417; KRTBCOOKIE_22=14911-2751009170363871789; SPugT=1623943362; KRTBCOOKIE_409=22966-2uoHxe3WuQKCVYKp51E6W_g6; KRTBCOOKIE_391=22924-5565809440969734050&KRTB&23263-5565809440969734050; KRTBCOOKIE_1074=22956-e_9de1c230-afe0-4737-be5b-a35c97fd4049; KRTBCOOKIE_107=1471-uid:jteJnx0x1LTTQT5; KRTBCOOKIE_466=16530-eb44a2f8-fa70-4ed8-8af2-bc91dd0bdab0; KRTBCOOKIE_594=17105-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003&KRTB&17107-RX-3e12531d-9bdc-4cc1-a017-682926c3b39d-003; KRTBCOOKIE_279=22890-dd2704a8-cf7f-11eb-9754-ed51a704cc59&KRTB&23011-dd2704a8-cf7f-11eb-9754-ed51a704cc59; KRTBCOOKIE_860=16335-YwRIQ_olQm1kwyD-lacPdSV4iZ4; PugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-PPncS4S2S8dPJuyRudL8PCV4iZ4; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:44 GMT; path=/ PugT=1623943364; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 17-Jul-2021 15:22:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:44 GMT; path=/
x-lat
amspug002:0:427
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 17 Jun 2021 15:22:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PPncS4S2S8dPJuyRudL8PCV4iZ4
Set-Cookie
sa-user-id=s%3A0-3cf9dc4b-84b6-4bc7-4f26-ec91b9d2fc3c.iqWfoC%2FBQlIAO3YIo04%2Fr5skV%2BsuE450LkT%2Fygby4Ts; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-3cf9dc4b-84b6-4bc7-4f26-ec91b9d2fc3c%24ip%2437.120.137.158.xCy2BHrq5BdS8ZzjECQXh%2BdltUH76yuWDvsKQY1ZOOI; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame F8C4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
1 B
68 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_391=22924-7444902178821496912&KRTB&23263-7444902178821496912; KRTBCOOKIE_22=14911-2845108476452106797; KRTBCOOKIE_377=6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec; KADUSERCOOKIE=F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507; KRTBCOOKIE_336=5844-4690034062060225801; KRTBCOOKIE_218=22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4; KRTBCOOKIE_188=3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348; chkChromeAb67Sec=2; DPSync3=1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232; SyncRTB3=1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67; KRTBCOOKIE_1101=23040-6974783634662422677; KRTBCOOKIE_153=19420-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz&KRTB&22979-9E1AmvRFQMvvRBSb9xkOyaFKQMjvGxSa9RsDvLZz; KRTBCOOKIE_80=22987-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&16514-CAESEFQ_CdaLqhO_hSk787uGVrU&KRTB&23025-CAESEFQ_CdaLqhO_hSk787uGVrU; KRTBCOOKIE_27=16735-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&16736-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23019-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0&KRTB&23114-uid:7da860cb-68c1-4400-b4d2-4193ed8c6ff0; KRTBCOOKIE_57=22776-7050296395949545166; PugT=1623943363; SPugT=1623943363
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 17 Jun 2021 15:22:41 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Sep-2021 15:22:41 GMT; path=/
x-lat
amspug006:0:599
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 17 Jun 2021 15:22:43 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4340EB74F3DC4657BBC5E6B2FE2A8DF1
expires
Wed, 16 Jun 2021 15:22:43 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 6CFA
0
114 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 17 Jun 2021 15:22:45 GMT
Content-Length
0
Connection
keep-alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DC8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHkQ-wWjLYJryEKTH3gP2iLvICAAAAAA4AeAEAg&bg=!ISKlImbNAAZktE7iZLQ7ACkAdvg8WmPyVBn6q4xLi_cikytx4Vv9y5NPJTc0G0_0XMGX1f7fLqJr9QIAAAMvUgAAACBoAQcKAEtXuM52xY7za5Zb4Jh1dVe9owfoYYa0eKmr3FQbbtjs9RpFx-gUWPQ5IMcgtt5aidzgtW-qLOIGvUOKP1u51E4F6c15FVvQvP42QjeZAsSp0NMlrWFTtjJTmQUYcIjBzD2VVgP5cs8ta0pFAsepGfXMz0-oBMr_eK9GiHl5c3p3pgu8imvmyf91YDaDbGPb0_tjcilMGDV6MDPX7TLuMHB1wFGj2IKRF2oq1V45vI2nKkmW0Z0FRGVAyA77WM4hbcIlsMYLJzqnMab6PVYRHcOFlX0GHDwoth8V36fdNiESx9qYEg6oezvDiIgGLv1c4lSu1b_MrRtS8yMakY_TUpIqCwA0rl5vXJnwSGTNp1a71Qs5r_2m_acJVTG2zGWIVK7EjrBp92C6a4rc29HD6x5YGq04LTvFxgsfox3pr4IAV7CX9FcSRxz0zHzDYAEfDddd68eBsL1zoLYOyouWxnxsLE4W4gPHRFfaI_pVUkQwjPcRfMNDWxYpJu3C4FEwbhCcy2j7D_O6JzzyE72PSXmnLsunysfXPR0l8ubwa8h5fxHtj4J7feKEnN44cQ5DxrxlMfHmaVWwPLmKxJICswvFKnBflDd5ZuZAeF3tm-Wzljg1877sr8SlMBiUfofinc_UHxZ0Vov25UvchAx-iHNiRGIQfnIiQ3cWSzQjRS0xlq_-T12l6x2xKiDaUUw73vzqKxAxVbhevh24RCfPy4WMvp3VZhOpAo19-BZ6c__5IG1MEubucfR6NQ9UOqUudPH-WWltmN_K4xe5uKCR846GSWZuLaLCFvSbWjtdeL9h4RBjS4HL2eQSDrqBhFRTXy3_FvemJn1uPqp0oBlkGz9k-ZnEiMBkg3u6NlG7vrrkRr6cPH4TOdlzBgC5rm6lZ99FSFRvZBFsOuTNGuPzYnj-tb4AwCi5GjVgCqP4IvAprFZrN423TX9hxYGdExU47MmzsB1WjaxrXRgi6RikSfGvW26EiIkvXWLZNjqAwwgu3aSLY9qhlduFixjrcA2DDLn2psE_ksPLZfN4P-YuVCBXItY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame CA82
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
2218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 14:45:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 621A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0QCIwWjLYN7kKZaMjuwPtpypyAYAAAAAOAHgBAI&bg=!tbaltvLNAAZktE7iZLQ7ACkAdvg8WlYJzQ5bcXP1qh2J1UwDvagn1kTmvenZlbyWTczC7NR675tUoQIAAAPFUgAAAENoAQeZAslNMupwSz_QFPvQr9rFT3KZvmOp6H6dItPhhEqnqqjfpgHLx1QEjgvppzzXxEwQLFq5mr_8mc5KrVeVMo47ol_lf0OD01CwgsoHr9WAQkSGx_g57nbbUMcnjcwV-XbxhOF94uzcNN6zCKJ1Q2yPe3JA5F1khXHYOvwWrEOTeMPpmjV7G7n152S38-Ez5WdDzOoq-1PSwB30vnHgwU9crWK8YEgF6Hcd4MeIiqlgVj39QMNelFV4_Ss02cuKFFzb4htLKYo67b_GZtAWNjcBtaYGm1R361wwR83XQKnEUyLOQwgWiJLBxOStzgURDJZ29vO0ezNrZi5mavJDi_4wq-YS7aHkTpzX1diD-BsDIQM8NFCpHD51BweJ2HjTzQ1cJcVQ2_2t7YoZwn9AJdnsiIDMGmpCS57w2B4ZxrOLzZE4a2bgG83K15SLd4qFKYSmF44EuTHZRJ_fczTF4qoYtDyRkqFuV4qFuupc1oL6TZb59FZ9QZGuc0xUoGmYUUEq2yMHDXSBICHbvmFA6S0KWcrGZYMSyWpTpywiRpg4GR5nH-OmSrgbcNslnEJVmW7OKZCk0IZnsJTs6P7zjk-D_xNyvrB15yVbLis9AhtFJ41eQ9LH2YcO_CV_d0_BCpFebNd364TeG2a2FYUVom9ThG6YWvjZ9xFTCHMSkkxE59F7CTFeX2h9iQROVFEpdFD8kFZ87E-cIcuiVH7At9UXF9lWmu8AIq85310QBMj--Yofqj5CSBZqvJUS3b4BfBb3IthOFWYXjDRu-ZIowhW0qdzNp2H9GdwP-JyMFMTxczeovGP7vKREKlOfj_XtZ9GjRLXpTU-SSNeZf0bivBoVRL-IvxZ2JlkO5aCPR760UEN6Z6s3P0JsfdNjYiXYNEMewDzCFErjNLHtk7luyV4OHGiCiXCCgCYWxy3NHIzgt4kzzBgdQVZZOUD_qA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061502&jk=2247514414496879&bg=!CAulC0_NAAZktE7iZLQ7ACkAdvg8WnGuOxbAxXV6eUglWIqz8RDvNNPhVZsJ-8ndMsrRxH-n2hjxUAIAAAEWUgAAACdoAQcKAE8YzBPVr5BxEc2Ji6uygFRYwI6mJs5TrUC2iL66UG9-tY4EaUKzS9jIPl9iLt9l9sGZAScR915Lmba8iqU70OlXJGs9h3EtpVc-2ZRWxJAHmQJyDR-f6klXEJPnUHvG0Y2QyVioeezhiw0uCQhNdtJOsdB6kBKMQoznXwi8Qihxc2sCoAQ1IwgcC39XHJLeXU7GO1zUehwwTNijBQzeb-zoFoJAGZuGTY3jJYwbGMYL70uuxKPZXFUBcEdttTkVb7gW1jYGLqkDbjIfJbip0loQtxgNjOp4qvOk9xaD7se7dmmxayrIU7Ov4Nk5OYFfoZzDiGsfa9glVufbOTfKxkaKOTkCJDeusL7ReiLSwr8pwqATKq-SxAk0B0b2xhTE9QF7C8DYh5j1aPSL_bdODZhYSqVgbMkwHEqZnnHej397tGImrG6Smw_E5_RsQrEmfBu_PimWfmg2WrgPe4VCWIVYrjTnTP8WG1tYxWBgdW09wfxjQHIPJPvyQ4647xxAWl2rbkkUALvHACHnGpCCzc8vA_7y9W2afPGI9eF6aC7H44LpDzxJVwkwLPova7a0DRsKBDsLmjuB6X_G43Jtcq900UsZcY9ky8O7ugu6imn1ewSxVmVWD-VPmFjaTJNfdRWQz0hRSNxlVImf_cDPjq1AdLAdoAE9AzxmZSsKtilwiPoCJJSvrGCE3x9qFN3q4BUgG_X8VQOFM8c1CGA32LlUPPXVGauiengFkjR64e8jyM2gsO-8S6XR1mapT_j3kKzCNmg79CaSW353qEhX22nf1qmsw76nlx7VPZfvDlGQMjy1bz2pJ7i3M-1Myi3QOsBgzAZnHZw7hQr2Vc7mnYU8wKWWMVumaNhOktuNycTZutRUDPGLuyt_sPVNY7ZbKHH0_vr67n2NI99fc7KWD_kizu9NglJrlNyuXu-xremyq-BP8j8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 436B
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:29:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame CA70
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:30:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 8C1E
0
48 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 12:29:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/
91 KB
33 KB
Script
General
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
93636
server
Lego Server
age
0
etag
W/"PSA-aj-0IhQ85x_cu"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2591997
x-nws-log-uuid
4255842866101613741
accept-ranges
bytes
content-length
33384
expires
Mon, 12 Jul 2021 10:03:38 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjEvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/
35 KB
35 KB
Image
General
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEzLzE1NjYzMjEvc2Fub29rX3RodW1ibmFpbF8xMjAweDcyMC0yLmpwZw==.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9a9ed77e0dfc82bcf6b2ced632c3e0cdd52a0f248e51d15e6a0df9b565ce9d57

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:33:02 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9227439063357177525
accept-ranges
bytes
content-length
35984
expires
Sat, 17 Jul 2021 14:33:02 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/
2 KB
1 KB
Script
General
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/26e57cc433838abc0ffd5e04c06d69731b5dc4e8.88ab629e351d2314d04e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 03:31:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
2114
server
Lego Server
age
19180
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7592077822159251744
accept-ranges
bytes
content-length
1054
expires
Fri, 16 Jul 2021 03:31:24 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/
3 KB
1012 B
Stylesheet
General
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 01:31:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3433
server
Lego Server
age
19202
etag
"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
16716344316700645614
accept-ranges
bytes
content-length
825
expires
Fri, 16 Jul 2021 01:31:54 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/
42 KB
14 KB
Script
General
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:03:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 05:33:33 GMT
server
Lego Server
age
25400
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11042817808511769201
accept-ranges
bytes
content-length
14046
expires
Fri, 16 Jul 2021 09:03:22 GMT
dc_oe=ChMI2ta8ufye8QIVpKN3Ch12xA6JEAAYACC3_LBIQhMIptHzuPye8QIVhsp3Ch0nogQp;met=1;&timestamp=1623943373441;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3E66
42 B
515 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2ta8ufye8QIVpKN3Ch12xA6JEAAYACC3_LBIQhMIptHzuPye8QIVhsp3Ch0nogQp;met=1;&timestamp=1623943373441;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN (),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Jun 2021 15:22:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
notification.sanook.com/socket.io/1/
71 B
309 B
XHR
General
Full URL
https://notification.sanook.com:8403/socket.io/1/?t=1623943374989
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.54 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
Software
/
Resource Hash
25591a0a7c5fe51adcf3c0af8c69de1b1c8af0b89ba4a186c7b3ba6d6fb9302c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Thu, 17 Jun 2021 15:22:56 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjAUMUwojztFhc_GsuXcDq8z4iM5unKuCbw3MKRv6xqFXipSMGbBHMsApJYB_uIoOfsOoW_r1_Uetm-372CQ7oeKQq1fqIwuGhizavyS8&sig=Cg0ArKJSzO_iRnXaa0zaEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=345054422&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1623943359912&dlt=0&rpt=691&isd=0&msd=0&esd=0&r=u
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviKmU5rNRBGg7m8ywpGHc1adkoJhtk96sHfAMlsYHbcL_pWAm121NeYHZ_GkDeyop2Ze5ezYgqx-DtKRo-A2tqwvNZPBboE9GCoswmVzg&sig=Cg0ArKJSzByZeiGNtfdBEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1623943361618&dlt=0&rpt=356&isd=0&msd=0&esd=0&r=u
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_cver=1&google_push=AYg5qPJEIxx7womMFtrkU7Nhpxr1KFl8k41PgfAMI-NyHdY2x3AEOyaMbE35CsYu5usFpz2G75LAaQpQW7tf2RAEXK8AVZ29bR1s
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YMtowX6_fDkfLuTo-m8DqwAABF0AAAAB&google_cver=1&google_gid=CAESEAtgss07PAHry5UICS-sKjQ&google_push=AYg5qPJHYmbg996hksKWH-3aOPmoolYbWmccOh-vT3hz8lE2B0uKSaSuU3DuziniuiXIZneoig9uw-egQTvpVO30Ma6EX4VZEA

Verdicts & Comments Add Verdict or Comment

488 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| objGTMInitialValue object| smiData boolean| GTMFirstLoad object| dataLayer function| getPage boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require string| deviceOS object| _izq string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| PWT object| googletag object| criteo_pubtag object| criteo_pubtag_109 object| Criteo object| Criteo_109 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_optimize function| _UA-8147095-6_sendHitTask function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| ggeac object| google_js_reporting_queue object| _comscore object| innityDataLayer object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq function| udm_ object| ns_p object| COMSCORE function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 object| webpackJsonp string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| __NEXT_P object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB function| __NEXT_PRELOADREADY object| next object| __BUILD_MANIFEST boolean| isLottoContent object| __consolidated_events_handlers__ boolean| snBillboardPlaceholder object| _taboola object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| container undefined| _izAlt function| Izooto object| izConfig object| _izooto object| iframe object| scCGSHMRCache object| vttjs function| WebVTT object| Base64 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| billboardRefreshList function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| msgData object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| DataCollectionObject function| datCol number| time_interval number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult function| calcTime undefined| width undefined| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter object| machine_rules function| isInteger number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy function| myTimer number| myVar function| isVisible number| randomval1 number| network1 number| network2 number| percent1 number| namemc function| bidadjust1 number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop function| andbeyonddisps function| addListenerMulti boolean| idleStates object| idleTimers string| pathurl12 number| geoindiablock function| callbackand0 function| $ string| Ct string| At string| cd35 string| cd36 function| jQuery object| adloox_pubint object| ignore object| GoogleGcLKhOms object| google_image_requests number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| newflag number| diff number| flagnewone number| passivergptbillboard6 number| activergptbillboard6 number| time_refreshunitrgptbillboard6 number| nextnumberrgptbillboard6 number| passivergptSkyscraper3 number| activergptSkyscraper3 number| time_refreshunitrgptSkyscraper3 number| nextnumberrgptSkyscraper3 number| passivergptreca8 number| activergptreca8 number| time_refreshunitrgptreca8 number| nextnumberrgptreca8 number| passivergptrecb4 number| activergptrecb4 number| time_refreshunitrgptrecb4 number| nextnumberrgptrecb4 number| passivergptnative17 number| activergptnative17 number| time_refreshunitrgptnative17 number| nextnumberrgptnative17 number| passivergptthemead5 number| activergptthemead5 number| time_refreshunitrgptthemead5 number| nextnumberrgptthemead5 object| SanookNotification object| io boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION

35 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlgK9MDBhh5v1q1yBkRT-I4cVR7Gv0vVVuP5XbLtaVG91sIMwSvA1Y22ikIg0s
.casalemedia.com/ Name: CMST
Value: YMtowWDLaMIA
.casalemedia.com/ Name: CMRUM3
Value: c460cb68c1276003030001_60cb68c155db9&2d60cb68c22760CAESEAnPssy-LS_j6Wht0GjCmBs
.casalemedia.com/ Name: CMPS
Value: 3269
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AACdl07BltIAADHiFrJ8dQ
.criteo.com/ Name: uid
Value: f1eeef4e-a390-433c-b855-fed511f9a93c
.casalemedia.com/ Name: CMID
Value: YMtowX6-fDkfLuTo.m8DqwAA
.adnxs.com/ Name: uuid2
Value: 7050296395949545166
.pubmatic.com/ Name: DPSync3
Value: 1625097600%3A201_197_219_221_226_227%7C1623974400%3A174%7C1626480000%3A232
.casalemedia.com/ Name: CMPRO
Value: 1117
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1807299555491511333
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F0BA4EA7-BDA9-47C2-9596-E5AC6BEFC507
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4690034062060225801
.ads.pubmatic.com/ Name: repi
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YMtowAAB4BFG9AA4&KRTB&23194-YMtowAAB4BFG9AA4&KRTB&23209-YMtowAAB4BFG9AA4&KRTB&23244-YMtowAAB4BFG9AA4
.openx.net/ Name: i
Value: d53ce58c-0093-451a-9f4b-7b4833d02264|1623943362
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: SyncRTB3
Value: 1624752000%3A63%7C1625184000%3A35%7C1626480000%3A203%7C1629072000%3A69%7C1625097600%3A57_56_13_3_88_104_21_99_222_8_161_189_231_55_176_78_5_54_71_22_81_234_230_165_204_7_166_220_233%7C1624492800%3A15_2_223_67
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb8un`42!1yIE`fS1ueD1W-044)d+]UfZpnqHSB.X8j)>+`g@-$KrV>Y<92=)m7l/>mvP(hw9P-HC_#tu$@*0vu$
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X&KRTB&22979-dh4OwnYWDpBtFgvGc0hAkHIeVMJtG1iYcxza0p3X
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&16736-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23019-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187&KRTB&23114-uid:6b2260cb-68c0-4d00-aa4f-2877330b7187
www.sanook.com/ Name: uuid
Value: 2b853fd6-006e-3713-7793-a2beabac36fc
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6974783621786957973
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&22918-0432562f-926e-4677-88ae-c9807d3e9cec&KRTB&23031-0432562f-926e-4677-88ae-c9807d3e9cec
.pubmatic.com/ Name: PugT
Value: 1623943361
.pubmatic.com/ Name: SPugT
Value: 1623932986
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2845108476452106797
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-26109c83-b178-4ffe-a153-a61a6b798354-60cb68c1-4348
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7444902178821496912&KRTB&23263-7444902178821496912
.sanook.com/ Name: __gads
Value: ID=4f93ea7983d9efb8:T=1623943359:S=ALNI_MZUzxxtEaWwd6tOXOlp3IrMUC19vA
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&16514-CAESEG2Ng1EThtomNH5wavw6Ko4&KRTB&23025-CAESEG2Ng1EThtomNH5wavw6Ko4

36 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/billboard".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/billboard".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061502.js?31061476(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api info URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://www.sanook.com/
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32)
Message:
a: 0.0029296875 ms
console-api log (Line 17439)
Message:
Country1CH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

279139b216d50708ee96d298a4ab7a8d.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a91f2b825aee652cf3b134b941f326d0.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avads.net
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.u1sf.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eu-u.openx.net
fw.adsafeprotected.com
global.cloud.netacuity.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
notification.sanook.com
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-eu.andbeyond.media
rtb.gumgum.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
cm.g.doubleclick.net
p3.isanook.com
pagead2.googlesyndication.com
101.33.11.45
101.33.11.88
104.111.224.62
119.81.216.16
13.248.242.197
142.250.185.130
142.250.185.162
142.250.185.226
142.250.186.98
146.59.148.16
150.109.191.116
150.109.206.145
151.101.113.108
151.101.114.49
151.101.14.110
159.253.128.188
162.247.242.19
162.55.6.210
169.197.150.7
172.105.199.172
173.231.180.197
178.162.133.149
178.250.0.163
178.250.0.165
178.250.2.146
178.62.202.251
18.156.0.31
18.210.5.212
184.30.21.51
185.29.135.233
185.33.220.244
185.33.221.13
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.226
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.107
193.0.160.129
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
203.151.133.54
213.155.156.181
213.19.147.44
216.58.212.162
23.22.239.72
23.37.38.181
2606:4700:10::6816:1957
2606:4700:20::681a:ad1
2606:4700::6812:d05
2606:4700::6812:d841
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.66.135.160
34.107.231.31
34.251.173.19
34.98.107.212
35.156.158.150
35.173.0.225
35.190.0.66
35.201.96.126
35.205.207.25
35.227.248.159
35.244.159.8
37.157.2.236
38.27.122.101
51.178.20.139
51.68.39.188
51.89.21.20
52.17.202.120
52.209.246.140
52.215.97.146
52.30.14.23
54.72.136.29
54.78.254.47
61.91.93.188
61.91.94.132
61.91.94.198
65.9.82.63
66.155.71.149
70.42.32.127
72.21.206.140
77.243.60.138
77.245.57.78
80.64.106.148
85.114.159.93
87.98.228.78
018f975cac19b045936b6b2f51927fa51e9d60c11f795c5caea12383ba66efdd
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0517939adf31a748c050f6346b0b33a4f702b7cd49600c0dfb4664a67c965fc3
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
07a4456a253eafbae8ca967f6d8d80c531d8140f55b767aabf9bfcc32255a381
097fd71be450d266fde4a961b060bbe7e758e051c2a06c7888e444b96ea67d63
0a419d02e11deedca8f2782c692be6185d0f1e588d4d747d992323c9a2f1ff70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdebf332d3618da868300642219a30c2c7b807728685b8986379a318ecf5fdf
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d5a51d1cfd4c9c94ea57f6c8f1706883b9303735fffb5f72b229d5493417fd0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13fddc04b2c9562fc41facd921cdf8eeace3f4e7f954374f3934cfad44a880bb
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
15980f681ddb5e251b4e0ad65b79173af6f042e2d33edb41d496c3c276eb6a6e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b6712bb0e8b96ef51ee1898e487bbf652b4ac82436e77efb82bbd73106cbbb
170c0ad9b955a9af6dc766e12b8a199e45d9d58769ed8114774720fb147f74b4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1923d80074cb1c0adebc7cf62681da3dc1502b06f7f8b03ddcd8d20a7d6047b8
1955fdb95aa4534a05fee4a3084e36f30857e4f39d2ff5aca46f632928365d00
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1acc2adcaf6ce530c15df6381743228c4f04c87001bec4e9f2b5fb9bd7f4ac08
1db5deb58a44fcc8f03e499f735494523624ae54c8b710cdb3af91536e79de19
1e05c513890dfe5ed032afd2ef6aa8621f8cc1cd231b3094472cfa795d01b4f2
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
1fca6af4fb10a144d6759ed63c196455d44d235616391d3532c7d0d364ef71cb
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
25591a0a7c5fe51adcf3c0af8c69de1b1c8af0b89ba4a186c7b3ba6d6fb9302c
25d8e265f2cc90dc5767f18d5e03f9a2b9b2e4d08e0f299b0f70d9e68f95d998
28fc16368231dc391eaf63180d2f3c469e8a8e8a8237121c9eca7b4285188c48
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2c003389936cf0796514f0d6dd1a6254e7cf80241452c93ce135c13401057872
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e024d2635ce2f90bbdfbb28275fb07356861355cc41a1fbbd941090b4f1500d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313bc1d183c3afddcbdbcc4974b7b52a294d6048abfbf22f8f458eb07f5f68ec
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
346b47cc32af221672e98b0ec2811bc32b5cc578fe7de77118d80e1cd6d3e294
35b684a020b50c10e1b42cc6d725b0a4db17190f26eb6a93ce8a9527dfc775c9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
391b9bd107cd37096dc2ed770bb52e4f34d577f54dee4319f563ea482ce6f8b6
3d44c7e3f4a2a94bad0da6eb43938696afbc8f2a58cb8a74c71200875a0f8bad
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db55ba67b886a7c0d4f317b266a3f19f5aff866f08f7978a739c6bcd76c9811
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4145b1c3dc67dbf7e7633324f42330d2467ccb902d874494695567ca2dac42f0
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
4510c424b1e231feccf2d713061ef7b73829f075a9f91a75e49dd3556051d5a3
461301b0bc46c1f0f8eebfdb301d3976e7e65c5f5ecf3e1e684f1008ded4fd75
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c28c0bea0fa5730a0a1c07a00d822c5cfcbba07c9619f92595f733f4732a761
4de2d3b0129049642fc1f0f54a49aa96e79de7c2e3ccf077c5da5ed21437eb79
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecfa657a94c57109985f7d07882a68936fe311340910a2f592ebd80a1c82906
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51748a5942d66b489df0745ec6fb22fd8930d2b62fc06c448a1bd3168b5d99c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
547f226c6e04b6654144617685448d360e2a92d908c6fb646761a1e6d4850004
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56350012a78fa8493bcb38fe6e0e06a29c70582ed2ab2d45a6babdef2b195c9e
56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c
57aad0eb32478aac681048ab9824a8b427c40d19e85897db861bb403f8f13c7b
5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5d23cbd2a9a33bd91cc49c18cec7e2ea6c1b0650c19c418d533c0c9083cad8e5
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
62689a2ba5327bbf1d225f66c3de6506816831bbdb326864992abaab063e2a66
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
678bca8a699320e0bd46136b88ee78c9e5525d9f81a809383e8b6a909fcede5b
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab30c05860dc5426ee66e700ae6c5a5ede1ac7d4432b6580f93661f33994ff1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c44405ab70a28ddb28bb5930646a069e59076fcd530ac435f6350f14a1ead72
6da2d71f0662c4f3dfab496c7a7e5510cc2ceab4725452758669f68cd3ffc95a
6f4edf42f57ab049ff5c1e111189c998762737248dca9a5556ef97cc2210ea67
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
756a4617cc8422cc1474c9e67bcf9eec18604e0e4e4d4217a1384de409636b3b
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
788113b5149e8260aecd7fc881e07f3be400bf8ae53f04135f54d46e0d9d5d17
7955771d2fe473ec86fe88d6eaf05702eacabb3887252305d6cd3675e5bebcae
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a636173433040eaadd28a28bb7b07173bd735977615b9b783d25e915c231666
7b0f134d3c5fc97ef8feb1488957d50fb3fe61134848ad8c7e4a292c73d1071a
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea
822bd9d006dbb6645f5d81a7ecd887f2ac3b966c3ac98ef6c4e3964c5d568b15
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
874abc6a94982dcf142e6b53fc1589ff578b760966a738766d5f0066c6741dbd
896cf85f87c399105e58561f2c31b353ef3fc91b6180d5cb92ffa376a723b371
8b64e9644f2f8cf98b093aec08032e56ebc4becf2b6768eaf24163a423dae655
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92cda8cd6907fe242599f75e1dcca214ea3a56ffc20de464274671cfa7e84359
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97072232e06c3504d24e712480dc926fedf5c77a8c23737c673982ebcb725540
97366ccdc6b19deea73abc010d5f78af83b22403e122129e1ed250d2ba35f004
97dd2b26c7e555d537095fb4147d2d8cf99fd87e8135246b92dbfa1acb62d913
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d6a9fabcf841ba995fe8b71f1c9c1e960f6df646a0e73cbdd08fb1f8913e69
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9a9ed77e0dfc82bcf6b2ced632c3e0cdd52a0f248e51d15e6a0df9b565ce9d57
9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb
9cdfcda365e1b66d3f880c979ac8cdc83e178cef320c33c75f53b55f3e3c1c18
9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a38be1af053ab88f66edd53f84ef3df0d69c2447ccb801d17d62ee74e03fcf2e
a39d2ec9bcdaae22f3c1e9ce78d608ccb743b7c52d072d01475e69fd4ef32f34
a3efab061ef483ca4d6d0ead3c0b415ddba24a57d55366f89738c12b5da174b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a6bcc9a15c4f7b2e65d2b24ef72efa9e373791cf4bd9576c78a9c53009a9aadf
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9b0042ee62511bb68c172c7281de2e2e392790dad297d85055e98be565930bc
aa8ed414357cc5d42fb3b8530b68f3964b43bb585ffd80c65055a91af19c2b2d
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
ae0940a8bbb0d579de4f4cdfb221b8addc01275d7d1327c06e00689f42a22c29
aefa474da0458e44b73f36cee85fbcb2acd8bf5b571748f454c8a45161ba000f
af5e9b35433ec684aea2833e3650071a7a8592889b74142df73fa84c22c15b2d
afab4cddb39ebfcfd288a219afa7f3d2713c0f23c7469506b235b9a90a8ebd31
b02098980576153147ea9762d8aeaaec7447decca7bddc419a1e7b333583de46
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d
b349c8bfd7eec7cb879275d711f5efb8e849546f5d822090c928bbb9841d136f
b48893b6aa61aa39b43f18ef69b68f3b160c0e4372edd8f05c078b7025bfb93f
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
be5f112e2769401e53cb3336a1ff34d48469c5b2a8a2f3940ae41c725bd0d19d
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342
c00442991f84b40f39671db850b3a2a446442fa9c2053ee17963c2eaba1ebc2b
c07d8d1de782177a97372172e2c5dfed7946b584afe569e2353fb158715743dd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3378aee23a57a68806cea8a91688a6d01be7ae6b16b1915ba93e1a0613ab17c
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cc139102469d1642b0d6deb4bbdb6ac89a2ba409d24c24a96ed6bfd288072c9a
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
ce0a25dc618c0bfbc4bd472a7ffad89c9c2f386b3f0d9e396b0a70bced07ed26
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d14abb44a7716fc2800014e868021b15da2b75db9703de98e54ed31de56a4241
d1587636a9c7a7b7b4d2195816df56f74691d6f79aada1fa9dd165a604f18055
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277
dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df5748b46d35365a88c5de066e301538b0326e3ec1324300bfa160cc26abfdc2
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1eea1640a99dad163f68e61551270bfe0548820de1463cf1acb8fe4e7c53c00
e23a9250c7455b9e53738ce705913e613af48255184dba0b4847f7561d1a6c37
e307cbea956bb4cd15b157afe146353365f7769055929cc41171eff14706ee55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4f23332d4748e331a4d57b5d6007ba7af36ca5bda105942ed74f68ce365f144
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6a40ab2403813d5a0a4eaa2156a8514276bff4df070c9211e10960151878276
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f
e8246b428a5957d64eca65688abc8ab94b252835cded7bc43ca1ad0db5b3666d
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d
ea97cb8133264d34a7c9a2969e45ea82b20956ec88c1b8bb4892fda102f4c6f7
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016
f0871f0a815917ca984a52c4bdb7834994310b382aca767fffc2ae96bf9cdfb0
f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e
f4531c23652f58a8c6e1bf3b03517515df38ebdd06ac48f69432ac02bca3b5b6
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f694d27b06b472d3776ce0fa1c5449e90ed98eaac957785afd6321e3ed4e1e04
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f7b5d1e9db0177888752dd0c53ca76d1f2e94b4831052b5a3c465fefac7bf2b4
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b
fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10