www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sanook.com/
Effective URL:
https://www.sanook.com/
Submission: On July 21 via manual (July 21st 2023, 11:39:31 am UTC) from MY — Scanned from GB

Summary HTTP 371 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 101 IPs in 16 countries across 91 domains to perform 371 HTTP transactions. The main IP is 203.151.128.172, located in Mueang Samut Prakan, Thailand and belongs to INET-TH-AS Internet Thailand Company Limited, TH. The main domain is www.sanook.com. The Cisco Umbrella rank of the primary domain is 86916.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 16th 2023. Valid for: a year.

This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	203.151.128.172 203.151.128.172	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
72	43.152.42.15 43.152.42.15	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
5	2620:100:a005::6 2620:100:a005::6	19750 (AS-CRITEO) (AS-CRITEO)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	203.154.58.214 203.154.58.214	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
4	203.151.133.6 203.151.133.6	4618 (INET-TH-A...) (INET-TH-AS Internet Thailand Company Limited)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	43.175.22.45 43.175.22.45	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	108.138.7.113 108.138.7.113	16509 (AMAZON-02) (AMAZON-02)
3	23.75.64.175 23.75.64.175	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	61.91.93.46 61.91.93.46	7470 (TRUEINTER...) (TRUEINTERNET-AS-AP TRUE INTERNET Co.)
1 4	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:7e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
3	119.81.192.134 119.81.192.134	36351 (SOFTLAYER) (SOFTLAYER)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	2620:100:a005... 2620:100:a005::17	19750 (AS-CRITEO) (AS-CRITEO)
13	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3 7	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:5a00:a:e047:753:be1	() ()
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	74.119.118.138 74.119.118.138	19750 (AS-CRITEO) (AS-CRITEO)
21	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
9	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 4	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
5 8	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	54.164.204.95 54.164.204.95	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
5 5	52.214.14.119 52.214.14.119	16509 (AMAZON-02) (AMAZON-02)
10 12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
4 6	52.213.109.107 52.213.109.107	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.158.85.140 54.158.85.140	14618 (AMAZON-AES) (AMAZON-AES)
3 5	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2 3	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:da00:7cb3:2a5d:49ee	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
3 3	18.196.48.221 18.196.48.221	16509 (AMAZON-02) (AMAZON-02)
1 1	3.65.77.190 3.65.77.190	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2 6	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	77.245.57.78 77.245.57.78	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.214.167.243 35.214.167.243	15169 (GOOGLE) (GOOGLE)
4 4	72.251.241.196 72.251.241.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:0:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.31.235.128 52.31.235.128	16509 (AMAZON-02) (AMAZON-02)
5	185.64.189.226 185.64.189.226	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2 4	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	141.94.242.206 141.94.242.206	16276 (OVH) (OVH)
4 4	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
8 8	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 4	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	141.94.171.214 141.94.171.214	16276 (OVH) (OVH)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.228.182.143 34.228.182.143	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:236... 2600:9000:236e:8000:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
371	101

6 203.151.128.172 (Mueang Samut Prakan, Thailand) 1 redirects

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 172.128.151.203.sta.inet.co.th

www.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graph.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 43.152.42.15 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p3.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a005::6 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.154.58.214 (Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 203-154-58-214.northern.inet.co.th

lvs2.truehits.in.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.151.133.6 (Mueang Samut Prakan, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th

sal.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 43.175.22.45 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s.isanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.113 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-113.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.75.64.175 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-64-175.deploy.static.akamaitechnologies.com

avd.innity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.91.93.46 (Bangkok, Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-46.static.asianet.co.th

sloth-api.sanook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)

t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.81.192.134 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com

avd.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:a005::17 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:5a00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.118.138 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.52 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.204.95 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-204-95.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.214.14.119 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-14-119.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.213.109.107 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.158.85.140 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-85-140.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.20 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:da00:7cb3:2a5d:49ee (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.48.221 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-48-221.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.77.190 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-77-190.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.19.138.83 (Frankfurt am Main, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

rtb-eu.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

tencentth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.167.243 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 243.167.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.241.196 (Amsterdam, Netherlands) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:0:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.235.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-235-128.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.229.2 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.163.6 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.242.206 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.94.171.213 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.228.174.117 (United Kingdom) 8 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.94.171.214 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.17.21 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.253.54 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.228.182.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-182-143.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

rtbpass-us.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:8000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	isanook.com s.isanook.com — Cisco Umbrella Rank: 88405 p3.isanook.com — Cisco Umbrella Rank: 117347 sal.isanook.com — Cisco Umbrella Rank: 106335	1 MB
55	pubmatic.com 3 redirects ads.pubmatic.com — Cisco Umbrella Rank: 558 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 583 image6.pubmatic.com — Cisco Umbrella Rank: 764 simage2.pubmatic.com — Cisco Umbrella Rank: 740 image2.pubmatic.com — Cisco Umbrella Rank: 916 t.pubmatic.com — Cisco Umbrella Rank: 2781 simage4.pubmatic.com — Cisco Umbrella Rank: 1266	285 KB
34	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 116 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	435 KB
32	googlesyndication.com d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	174 KB
21	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2609 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1723	62 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 567 eus.rubiconproject.com — Cisco Umbrella Rank: 631 pixel.rubiconproject.com — Cisco Umbrella Rank: 382 token.rubiconproject.com — Cisco Umbrella Rank: 626	15 KB
12	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2424 bidder.criteo.com — Cisco Umbrella Rank: 727 dis.criteo.com — Cisco Umbrella Rank: 588	9 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 648 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	8 KB
10	amazon-adsystem.com 3 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1078 s.amazon-adsystem.com — Cisco Umbrella Rank: 320 c.amazon-adsystem.com — Cisco Umbrella Rank: 364	69 KB
9	onaudience.com 9 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 16572 pixel.onaudience.com — Cisco Umbrella Rank: 3286	4 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 568 secure.adnxs.com — Cisco Umbrella Rank: 447	23 KB
8	id5-sync.com 2 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 856 id5-sync.com — Cisco Umbrella Rank: 426	56 KB
8	crwdcntrl.net 4 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 979 sync.crwdcntrl.net — Cisco Umbrella Rank: 868 bcp.crwdcntrl.net — Cisco Umbrella Rank: 876 id.crwdcntrl.net — Cisco Umbrella Rank: 2757	15 KB
7	sanook.com 1 redirects www.sanook.com — Cisco Umbrella Rank: 86916 graph.sanook.com — Cisco Umbrella Rank: 126962 sloth-api.sanook.com — Cisco Umbrella Rank: 149338 dc.sanook.com Failed	40 KB
6	1rx.io 6 redirects sync.1rx.io — Cisco Umbrella Rank: 613	3 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1490 tencentth-d.openx.net — Cisco Umbrella Rank: 151509 u.openx.net — Cisco Umbrella Rank: 733 google-bidout-d.openx.net — Cisco Umbrella Rank: 1488	1 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 386	1 KB
5	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 8063 c1.adform.net — Cisco Umbrella Rank: 601	3 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 592	3 KB
5	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2911	796 B
5	criteo.net static.criteo.net — Cisco Umbrella Rank: 595	96 KB
4	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 3084 spl.zeotap.com — Cisco Umbrella Rank: 3148	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 791 s.tribalfusion.com — Cisco Umbrella Rank: 1862	2 KB
4	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 726	1 KB
4	adgrx.com 4 redirects cm.adgrx.com — Cisco Umbrella Rank: 1590	2 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2519	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	197 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 848 beacon.taboola.com — Cisco Umbrella Rank: 16316	7 KB
3	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 1720 wrappers.geoedge.be — Cisco Umbrella Rank: 25507	152 KB
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 969	707 B
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 892	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 346	1 KB
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 461 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321	1 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 865	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 25441 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22551	897 B
3	innity.com avd.innity.com — Cisco Umbrella Rank: 29098	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 56	21 KB
3	innity.net avd.innity.net — Cisco Umbrella Rank: 38716	13 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	5 KB
3	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 50485 t.ocmhood.com — Cisco Umbrella Rank: 11119	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	247 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3900	128 B
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 25496	2 KB
2	playground.xyz 2 redirects ads.playground.xyz — Cisco Umbrella Rank: 4856	683 B
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2859	1 KB
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 731	374 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1326	1 KB
2	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 8099
2	erne.co 2 redirects green.erne.co — Cisco Umbrella Rank: 28045	824 B
2	mrtnsvr.com 2 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3529	352 B
2	gammaplatform.com 2 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3371	1 KB
2	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6494	572 B
2	iprom.net core.iprom.net — Cisco Umbrella Rank: 6868	554 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1091	802 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 695 cdn.indexww.com — Cisco Umbrella Rank: 1609	2 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1467	1022 B
2	andbeyond.media rtb-eu.andbeyond.media — Cisco Umbrella Rank: 152004 rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 30399	177 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1611	315 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	233 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	134 KB
2	truehits.in.th lvs2.truehits.in.th — Cisco Umbrella Rank: 87453	9 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 297	555 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 488	10 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 900	666 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 584	218 B
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 21553	4 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 27143	411 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	30 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 322	127 KB
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 23693	269 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 372	646 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406	30 KB
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4176	104 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7159	345 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	702 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 594	655 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2241	418 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 766	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1589	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 818	589 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	795 B
1	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 4461	125 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1620	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	901 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1632	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1598	8 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 52659	689 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 158	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1198	49 KB
0	semasio.net Failed uipus.semasio.net Failed
0	rlcdn.com Failed api.rlcdn.com Failed
371	91

	Domain	Requested by
73	s.isanook.com	www.sanook.com
21	simage2.pubmatic.com	ads.pubmatic.com www.sanook.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sanook.com d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com rumcdn.geoedge.be
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net www.sanook.com rumcdn.geoedge.be
13	securepubads.g.doubleclick.net	www.googletagservices.com www.sanook.com securepubads.g.doubleclick.net
12	cm.g.doubleclick.net	10 redirects www.sanook.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com www.sanook.com googleads.g.doubleclick.net rumcdn.geoedge.be
9	image2.pubmatic.com	ads.pubmatic.com
7	image6.pubmatic.com	3 redirects ads.pubmatic.com
6	sync.1rx.io	6 redirects
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	id5-sync.com	2 redirects www.sanook.com
6	bidder.criteo.com	www.sanook.com static.criteo.net
6	www.google.com	1 redirects www.sanook.com tpc.googlesyndication.com d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com rumcdn.geoedge.be
5	pixel.onaudience.com	5 redirects
5	t.pubmatic.com	www.sanook.com
5	pixel.rubiconproject.com	3 redirects www.sanook.com
5	match.adsrvr.org	ads.pubmatic.com www.sanook.com ssum-sec.casalemedia.com
5	sync.crwdcntrl.net	4 redirects ads.pubmatic.com
5	match.prod.bidr.io	5 redirects
5	ib.adnxs.com	2 redirects www.sanook.com acdn.adnxs.com
5	hbopenbid.pubmatic.com	www.sanook.com
5	www.google.co.uk	www.sanook.com
5	ads.pubmatic.com	s.isanook.com www.sanook.com ads.pubmatic.com
5	p3.isanook.com	www.sanook.com s.isanook.com p3.isanook.com
5	static.criteo.net	www.sanook.com s.isanook.com securepubads.g.doubleclick.net
4	pixel-eu.onaudience.com	4 redirects
4	sync-tm.everesttech.net	2 redirects ads.pubmatic.com
4	cm.adgrx.com	4 redirects
4	token.rubiconproject.com	4 redirects
4	c1.adform.net	2 redirects ads.pubmatic.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	aax-eu.amazon-adsystem.com	2 redirects ads.pubmatic.com www.sanook.com
4	www.googletagservices.com	s.isanook.com securepubads.g.doubleclick.net d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
4	gum.criteo.com	1 redirects static.criteo.net www.sanook.com
4	graph.sanook.com	s.isanook.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	sal.isanook.com	www.sanook.com
3	mwzeom.zeotap.com	www.sanook.com ads.pubmatic.com
3	simage4.pubmatic.com	ads.pubmatic.com
3	c.amazon-adsystem.com	www.sanook.com
3	secure.adnxs.com	3 redirects
3	csync.loopme.me	3 redirects
3	s.amazon-adsystem.com	1 redirects www.sanook.com ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	ad.turn.com	3 redirects
3	x.bidswitch.net	3 redirects
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	avd.innity.com	avd.innity.net www.sanook.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.sanook.com
3	www.google-analytics.com	www.googletagmanager.com www.sanook.com
3	avd.innity.net	p3.isanook.com avd.innity.net www.sanook.com
3	sb.scorecardresearch.com	1 redirects p3.isanook.com www.sanook.com
3	www.googletagmanager.com	www.sanook.com www.googleoptimize.com www.google-analytics.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	www.sanook.com
2	loada.exelator.com	2 redirects
2	ads.playground.xyz	2 redirects
2	match.adsby.bidtheatre.com	2 redirects
2	pixel-sync.sitescout.com	www.sanook.com ads.pubmatic.com
2	sync.targeting.unrulymedia.com	2 redirects
2	matching.truffle.bid	ads.pubmatic.com
2	green.erne.co	2 redirects
2	ad.mrtnsvr.com	2 redirects
2	s.tribalfusion.com	ads.pubmatic.com
2	a.tribalfusion.com	2 redirects
2	cm-supply-web.gammaplatform.com	2 redirects
2	ipac.ctnsnet.com	ads.pubmatic.com
2	core.iprom.net	ads.pubmatic.com
2	lb.eu-1-id5-sync.com	www.sanook.com
2	rumcdn.geoedge.be	www.sanook.com rumcdn.geoedge.be
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	a.teads.tv	www.sanook.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects www.sanook.com
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	cr.frontend.weborama.fr	2 redirects
2	d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.id5-sync.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	region1.analytics.google.com	www.googletagmanager.com
2	t.ocmhood.com	sdk.ocmhood.com
2	www.facebook.com	www.sanook.com
2	beacon.taboola.com	www.sanook.com
2	connect.facebook.net	www.sanook.com connect.facebook.net
2	lvs2.truehits.in.th	www.sanook.com
2	cdn.taboola.com	www.sanook.com rumcdn.geoedge.be
2	www.sanook.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.sanook.com
1	wrappers.geoedge.be	www.sanook.com
1	rtbpass-us.andbeyond.media	www.sanook.com
1	sync.mathtag.com	1 redirects
1	stags.bluekai.com	www.sanook.com
1	spl.zeotap.com	1 redirects
1	id.crwdcntrl.net	www.sanook.com
1	p.adlooxtracking.com	www.sanook.com
1	rtbdemand.apiip.net	www.sanook.com
1	code.jquery.com	www.sanook.com
1	s0.2mdn.net	d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	px.ads.linkedin.com	www.sanook.com
1	js-sec.indexww.com	ads.pubmatic.com
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	acdn.adnxs.com	ads.pubmatic.com
1	u.openx.net	ads.pubmatic.com
1	bcp.crwdcntrl.net	www.sanook.com
1	htlb.casalemedia.com	www.sanook.com
1	fastlane.rubiconproject.com	www.sanook.com
1	tencentth-d.openx.net	www.sanook.com
1	rtb-eu.andbeyond.media	www.sanook.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	t.adx.opera.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	p.rfihub.com	1 redirects
1	dis.criteo.com	1 redirects
1	d5p.de17a.com	ads.pubmatic.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	mug.criteo.com	www.sanook.com
1	sloth-api.sanook.com	www.sanook.com
1	cdn.ocmtag.com	sdk.ocmhood.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	sdk.ocmhood.com	cdn.taboola.com
0	dc.sanook.com Failed
0	uipus.semasio.net Failed	www.sanook.com
0	api.rlcdn.com Failed	www.sanook.com
371	141

This site contains links to these domains. Also see Links.

Domain
truehits.net
season.sanook.com
news.sanook.com
www.joox.com
wetv.vip
www.wecomics.in.th
www.facebook.com
sso.member.sanook.com
muan.sanook.com
www.sanook77.co
comics.sanook.com
tv.sanook.com
learning.sanook.com
guru.sanook.com
www.tencent.co.th
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
line.me
sport.sanook.com

Subject Issuer	Validity	Valid
*.sanook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-16` - `2024-07-16`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.isanook.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-04` - `2023-10-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
lvs2.truehits.in.th Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-29` - `2023-07-28`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.innity.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-02-26`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-02-21` - `2023-10-10`	8 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
truffle.bid R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 60 frames:

Primary Page: https://www.sanook.com/
Frame ID: A95A2B3D9C340258B5CE5384D6115F5E
Requests: 214 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 1EA9A878F632FC75140D9061B309CFDB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 03772729B8BBBCC892F1FC032453C4BC
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6F4D576C23B52EBE35B91E7DC28745DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: D17750E8F2D797933E00BCDFBDFFF050
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Frame ID: CAE92175C7A6EE17CBADB2CCAC0F7920
Requests: 25 HTTP requests in this frame

Frame: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54F3D7CEF78DAF5A61EBFF53C53E250B
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 3D5474E055E71470BD3A4949C692568A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7584B4787BBDCB87055E20E960840ADE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826094650416
Frame ID: 7BC8C01FE76F602B0FA88F96CD426DD6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2EE3E6692FA60AA73EB45855D232806D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf
Frame ID: A8CD87C74807A12E3C0F16105CB40CCF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7465697009228160066&gdpr=0&gdpr_consent=
Frame ID: 710DAC7BA969F16545E07CF3CBE557E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7258235151031793812&gdpr=0&gdpr_consent=
Frame ID: 03A6E510DED84ADFDDDBC06636C8B200
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Frame ID: 2E2559E6AAE8F61F1F8921114984AD78
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: FCAD3139947F90B26368814A67EE1E9F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEL7E7JdN0AACV4MVKXaA&gdpr=0&gdpr_consent=
Frame ID: 23ED229CE405915BD61B06328E6843A3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKGF-0Ht72xQ0jWLVEK664YXHBwoxodc-8L3zjm7crlfCs8Yv7vC_LCab2Fel73xAWoqpFz1zj7Y3tTvtjm-r55ElCcnfL-s1_f70_m58pmv1zesZGWvA_NZBHEggYtvjKjnxqLxhnYDaJ7q_hNK-mPJlfdEND07Ezn3OzM1j07TS3h-y3ox29Wt8Q_D6M0ZUpAe1lUltnlL5pO-ttLGhxPV_CPE2KhHMRirVf-f5cGt9hzeUqUoAPKjTmjzTVZM2aFUvOOM6udqIzfX99ZYpaTE_m6CQnFB9BkIwtY7i9e9kllYTn1kClP_12rdq7Zy5P4lY0D_vaAtC745w7bcfp7M9ctTgAxNbT9AY2rBcTfCW1&sai=AMfl-YQFS6fPht10O3Q_71JCVUZ_9C61bgpYYGE21AjHdmkIAaKRiVgDiQ6Hx8T_ErHJAdKpIX5AmVSAvGOhWf12RZEExkt09BrGtUiDigT_KYI5v7g6A4qR1nqNin_9gw&sig=Cg0ArKJSzMd-uSAt_fhIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 052707AED90377C7E475459F045F4B88
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C0858639A98412100165AC974FD5EFF5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E77BE4A6E56CD39005DD4F76C6494A5F
Requests: 3 HTTP requests in this frame

Frame: https://a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: EA539286E13345743FA66EF8B0E96FE4
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: ABFA86D1ED43D6FF6AA1A307B4DC5C2D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3F21096657E68BF61E67A479F297285D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszNzHfALYog-2947ShbYKfZWkOy757bah4T8WGF7pFbbBP9kuZs_MONEnIJ_by3IBSJL8TfLeehOltKXVJ-i7vb7SB51CJaRNSjgzW71mNtJ7gMh5coR16UJjJh64lBCS79FmPMwDeoTpx3hSnjNsWx0QVJGvOxRNiNTgL0dIIT0AGNOnkxTqtqK0Z-B4eUPOU9rdBxM8kEFIE58KNNWKq8xdLLmelqAEVbzb3zv88QcATbNVgKBzNdG70OwVbzy5EWd9RGDp4rx3t8u2091CIYY-Wf3ghjBZYmTI6Nk8Lrh7Pcx7lwfb9GWZ6wzwJQPqkBgNap5udYGPlQyCL&sai=AMfl-YREiZZU8WbrP-iqAJGjn1oOkEA7zgmhhpc3dvwKmZHKyqOD4YT5T0YAfUxYoiEMt6iAOu92FqqYXJABlhJGmasj_nGX77nkOWl4dUqZyWFbRRU26uvrtL3pYO_OHQ&sig=Cg0ArKJSzO2pe-fDi2nwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 42162AB77D98D4A28C8654F0AB197ED6
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3F86E4E5F8B9EC72CD24DCEDC19061EF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C3345EA4B0AA50262D31D01684FD7448
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C20C950CB77D0F3F5135AFDED8B41BF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01C00A771E4730F24D6FFFB68864479C
Requests: 2 HTTP requests in this frame

Frame: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F6CD669BF044C2CBE3432E2CC319E5A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiXwrfoATAB&v=APEucNUhX9apR4V1-Gca6Q0DFwG7uqDEsS9DBdzlX_m-lEQxtM4j0IW2kH3Da-D3z7Ais2IOKDyHLKj2zeosjMAUYU6qV_7hCw
Frame ID: 1E3ED76502E928CBABC399AE40F7460A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CCBFD5712FC33757465BCF147515C369
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Frame ID: D3CD2FAB899DA106743E38D23BC6E320
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACedcupgAN
Frame ID: A1346714DFC7CEFEFE0041652E7C1899
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 900DE0100EC73CEF66FA6F0050A70043
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
Frame ID: 163C49434610FA041816DD072C55AB60
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1E8D2CC51E87AB8E65197BB22D489EAE
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2C77CF2F152CAC45F3F80427439D57B6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mh2ampfceqsu
Frame ID: 5A2508EF3F3C65F00CB3774A4A0D9F3A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C41EB2C3772D9DB3D22F29CCDE05FCA5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Frame ID: 2AB15E16CC888BD3B85A839243DCC0E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=
Frame ID: 8740939BA68F70E267890B961040CD4F
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 46D5879939CF6A6236932D270CC13A50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
Frame ID: 666DBB1D24C5E4CDF105376AA275E59A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
Frame ID: A8881FE55EA5686B5213CD13438F9EC1
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Frame ID: FD47C407116986BEF6BFE21993AA6007
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACe5EujgAN
Frame ID: A07306EA608E33E9C6DD9EA50A8D7FD9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2ED524C1028BB265673E13AEA3D130D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
Frame ID: 27158403D6452716886AB4C5DEB7E967
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E3777594E6AE09EAEC6ECE89A707A783
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CA38045CAF2F21D1D2660B607871ACE8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=tphgy09bj201
Frame ID: 8B1CD47978ED7A26AB91232FD894D7F2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AB852F795BF28F3C0B5F5728F169B646
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Frame ID: 087357A50C06F59C3E7EEFEEB9638DDB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=
Frame ID: 061CA8E7E250CC6A5557A9CB51B682AD
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E1A5DC30575E86B693C5B3C8F1CEBAEE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
Frame ID: 8D5360E279D0542B958D4DBE93B0C210
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
Frame ID: 8EB2B28AB64543801A5F9371A45555B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/webpush/tgframe.html
Frame ID: 72959A996A6CEABD69A812C686B5CBD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E8EF1757E845157D2AE53D801C8E5D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A81B1925146CFAFB7AD89822A644CD2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

http://www.sanook.com/ HTTP 302
https://www.sanook.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

371
Requests

89 %
HTTPS

31 %
IPv6

91
Domains

141
Subdomains

101
IPs

16
Countries

3823 kB
Transfer

12163 kB
Size

149
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://truehits.net/stat.php?login=sanook

Search URL Search Domain Scan URL

URL: https://season.sanook.com/hbdproject/september/nominee/

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto
Title: ตรวจหวย

Search URL Search Domain Scan URL

URL: https://www.joox.com/th
Title: ฟังเพลง

Search URL Search Domain Scan URL

URL: https://wetv.vip/th?language=th
Title: ดูหนัง

Search URL Search Domain Scan URL

URL: https://www.wecomics.in.th/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PUBGMOBILE.TH.OFFICIAL
Title: เล่นเกมส์

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/login.php?psnid=000001-000046-000049-000001&autologin=1&option=&surl=https://www.sanook.com/&registerUrl=http%3A%2F%2Fsso.member.sanook.com%2Fregister%2Fmini.php
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://sso.member.sanook.com/member/signup.php?psnid=000001-000046-000049-000001&surl=https://www.sanook.com/&autologin=1&eventID=&option=&mail=
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://muan.sanook.com/
Title: ข่าวลาว

Search URL Search Domain Scan URL

URL: https://www.sanook77.co/
Title: ข่าว 77 จังหวัด

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/
Title: หวยไทย

Search URL Search Domain Scan URL

URL: https://news.sanook.com/lotto/lotto-stats/
Title: สถิติหวยไทย

Search URL Search Domain Scan URL

URL: https://comics.sanook.com/
Title: อ่านการ์ตูน

Search URL Search Domain Scan URL

URL: https://tv.sanook.com/
Title: ดูทีวี

Search URL Search Domain Scan URL

URL: https://learning.sanook.com/
Title: เรียนออนไลน์

Search URL Search Domain Scan URL

URL: https://guru.sanook.com/
Title: กูรู-รอบรู้

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/th/jobs/
Title: ร่วมงานกับเรา

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanookeveryday

Search URL Search Domain Scan URL

URL: https://twitter.com/sanook

Search URL Search Domain Scan URL

URL: https://instagram.com/sanook.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SanookTV

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1013623?trk=tyah&trkInfo=clickedVertical%3Acompany%2CclickedEntityId%3A1013623%2Cidx%3A2-1-2%2CtarId%3A1465882069006%2Ctas%3ASanook

Search URL Search Domain Scan URL

URL: https://line.me/ti/p/@sanook.com

Search URL Search Domain Scan URL

URL: https://sport.sanook.com/football/table/premierleague/
Title: ตารางคะแนนพรีเมียร์ลีก

Search URL Search Domain Scan URL

URL: https://www.tencent.co.th/
Title: เกี่ยวกับเรา

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sanook.com/ HTTP 302
https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1406557898.1689939560&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=aG66ZM3LOJOYiM0P9NGBoA8&sscte=1&crd=&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMo8TVDI1jCtJLAWQZ0qYLxYYE1ljH14_6s&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1M2dUNNM082VUhUQVFiN2dCN3k5LWkyX2lyd1A1Q3J2YTBWZkRQVk5ZZFlGQlEaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxNEFLN0lEQkRCd1gyUk83UWo5V2hkSzVpMTM5QUowajIyNHJpSmJLcWQyaGRra1N5WEhPbVkwZyITCM2f4rnbn4ADFRMMogMd9GgA9A HTTP 302
https://www.google.com/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1406557898.1689939560&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1M2dUNNM082VUhUQVFiN2dCN3k5LWkyX2lyd1A1Q3J2YTBWZkRQVk5ZZFlGQlEaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxNEFLN0lEQkRCd1gyUk83UWo5V2hkSzVpMTM5QUowajIyNHJpSmJLcWQyaGRra1N5WEhPbVkwZyITCM2f4rnbn4ADFRMMogMd9GgA9A&is_vtc=1&ocp_id=aG66ZM3LOJOYiM0P9NGBoA8&cid=CAQSKQBpAlJWovGJLStg1U4T4a_0cluNYtueoWAJTf0bomOwuBfa1rg_FisR&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMpfdpfoauJQ3emtvXEoTUDigooPbncm8Wg&random=2444241752 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1406557898.1689939560&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1M2dUNNM082VUhUQVFiN2dCN3k5LWkyX2lyd1A1Q3J2YTBWZkRQVk5ZZFlGQlEaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxNEFLN0lEQkRCd1gyUk83UWo5V2hkSzVpMTM5QUowajIyNHJpSmJLcWQyaGRra1N5WEhPbVkwZyITCM2f4rnbn4ADFRMMogMd9GgA9A&is_vtc=1&ocp_id=aG66ZM3LOJOYiM0P9NGBoA8&cid=CAQSKQBpAlJWovGJLStg1U4T4a_0cluNYtueoWAJTf0bomOwuBfa1rg_FisR&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMpfdpfoauJQ3emtvXEoTUDigooPbncm8Wg&random=2444241752&ipr=y

Request Chain 101

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=

Request Chain 107

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EH0oenxGQTZkd1JoWmxwSzRsNmtjQU52eGw1ZkRkQmVsQXFxbE40OGpLLzJwdHZqd2lTOXFNSW8xUXpwM085QlJCWUtWQVR2OUhTcmRCSk5RWHJGbzE4dXhCbk5LNGdHaHpiZ1ZySko0UU93aW5QVUlKK3M2SlgvbDZmSlo5UHFuRnBwTHkrK2E1U2R0Ty8xczkwUVlaTm5zcHR4MEZXQ1liWm9Vb3lTcGU0SzZFaVc0SDNZMHIrRER5cFRBTTAreWRqekZDWDcvOWUrOW44UEZKOHUwSCtWdG5KdFYveFoxOHVnK2ZtRWgrdWRPdytYeEIrcm51RTNBKzh3Wmk0THNkR0hWU2RFQXZna09pVVRaY1djRDhKZHBMdz09fA&cppv=2

Request Chain 148

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 149

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826094650416

Request Chain 150

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 151

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf

Request Chain 152

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7465697009228160066&gdpr=0&gdpr_consent=

Request Chain 153

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7258235151031793812&gdpr=0&gdpr_consent=

Request Chain 154

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=

Request Chain 156

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFTDdFN0pkTjBBQUNWNE1WS1hhQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEL7E7JdN0AACV4MVKXaA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEL7E7JdN0AACV4MVKXaA&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEL7E7JdN0AACV4MVKXaA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5105884918991444935&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEL7E7JdN0AACV4MVKXaA&gdpr=0&gdpr_consent=

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YTM5Y-g0RPizCrH_lRLj0w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 158

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=&ct=y

Request Chain 159

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3104798370 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=61333963-E834-44F8-B30A-B1FF9512E3D3

Request Chain 160

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=61333963-E834-44F8-B30A-B1FF9512E3D3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFobzFpLWtsUlFRYWFKRXFKUE45dVRvQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=6944312430359264284&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjEzMzM5NjMtRTgzNC00NEY4LUIzMEEtQjFGRjk1MTJFM0Qz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfvHTTKCveIn7G_Ct1xKhw&google_cver=1

Request Chain 164

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6944312430359264284

Request Chain 168

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ebe63144-29bc-4b0b-a30a-acf880281b2f&bsw_param=8c236a56-bd72-40c7-821e-231ca3fc6555&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 170

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2569436704448451549&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 174

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1

Request Chain 221

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8neSUBS-7sSUZKnCn5QLM&google_cver=1

Request Chain 224

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/V8TMX6ItO0t63_SgPb_cvg?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Fya5OZlE2oJNvTct6pYMA22CvC9ObV.nhA_JsA--~A

Request Chain 226

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HK_qhvx_SceEZaqrvJdTyg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HK_qhvx_SceEZaqrvJdTyg

Request Chain 227

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AQd1dlkBTmWmgFKlpWY_Gg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AQd1dlkBTmWmgFKlpWY_Gg

Request Chain 228

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtDSURTMFctRy1JRkIw&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFdXgBBX8KIyTJcQQaqD_J8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtDSURTMFctRy1JRkIw&google_push=

Request Chain 229

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4NzdkNzJiNjliNjdhYzkxYjMwMWY5NDFhYmM0M2I1ZDZjMWFmZQ&us_privacy=1---

Request Chain 230

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKCIDS0W-G-IFB0&us_privacy=1---

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLpua14KQ6-PcFtkoXRwugAADIUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDxoGsQsIMisU8lRjt6y6Ww&google_cver=1

Request Chain 238

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLpua14KQ6.PcFtkoXRwugAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJaynnKaTbBTwy5BjkPolbc&google_cver=1&google_hm=2

Request Chain 239

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=76ab6422-0a47-4f72-8526-9cfff272d370

Request Chain 240

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a4fda342-4052-4fde-8873-b8aab2c27185&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 241

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

Request Chain 242

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7465697009228160066

Request Chain 296

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACedcupgAN

Request Chain 297

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 298

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

Request Chain 301

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mh2ampfceqsu

Request Chain 302

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 303

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

Request Chain 304

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMbTWTUhQjWRSUXgn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7AicPGkHMbTWTUhQjWRSUXgn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

Request Chain 306

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=

Request Chain 307

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689939565475 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3010559829 HTTP 302
https://sync.1rx.io/usersync/turn/2569436704448451549?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003

Request Chain 309

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 310

https://pixel.onaudience.com/?partner=214&mapped=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7e63be29b9ef4780/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=f17476bdc49862ae HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b299f0ac15e5&zcluid=f17476bdc49862ae&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOEvhg4OUJrWBGKIkWF9rhc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b299f0ac15e5&zcluid=f17476bdc49862ae&zdid=1332

Request Chain 312

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:81654084-ad24-4467-baaf-23b33c691072&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 313

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066

Request Chain 315

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 316

https://pixel.onaudience.com/?partner=214&mapped=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e541ee83906507e4c0ddcd5ad9da3c07&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=9657d1d21dcbbbad

Request Chain 318

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACe5EujgAN

Request Chain 320

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 321

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d24daff9-041d-45cd-a86c-8e6468dec0da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 322

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

Request Chain 325

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=tphgy09bj201

Request Chain 326

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 327

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

Request Chain 328

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMbTWTUhQjWRSUXgn%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7AicPGkHMbTWTUhQjWRSUXgn%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

Request Chain 329

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066

Request Chain 331

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=

Request Chain 332

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689939565475 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6232962119 HTTP 302
https://sync.1rx.io/usersync/turn/2569436704448451549?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003

Request Chain 340

https://id5-sync.com/i/984/8.gif?id5id=ID5*daQUwWEsik_QwpLLP6a-gtypczqJ_Pn8HZzVMDF4ho1Wslq-PZQGHIT1kpVj2m-vVrOkK1kVyNfC1SMmnlHASg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-040bJLyu7JVStmh6NpohmTlXmcxs3V9YDPGTdOiiLg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F984%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/984/3/7/2.gif?puid=b42864ba-6e6d-4900-b9a0-bc205d39367d&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

371 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.sanook.com/
Redirect Chain

http://www.sanook.com/
https://www.sanook.com/

281 KB
35 KB

622ms
219ms

Document
text/html

203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

5f7ef40973ad557f38316781fa84abd570077a0c7a038f3d7524324a04562f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: public, s-maxage=15, max-age=5, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jul 2023 11:39:19 GMT
Proxy-Cache-Status: HIT
SN-Cache-Status: MISS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
X-Cache-Status: MISS
X-Ua-Device: desktop
X-Ua-Exp: notset
X-Ua-Key: cover_display
X-Ua-Type: human

Redirect headers

Connection: keep-alive
Content-Length: 151
Content-Type: text/html
Date: Fri, 21 Jul 2023 11:39:18 GMT
Location: https://www.sanook.com/
Proxy-Cache-Status: STALE
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: User-Agent, Accept-Encoding
X-Cache-Status: MISS

GET
H2 200 taboola-push-sdk.js Show response
cdn.taboola.com/webpush/publishers/1011713/ 15 KB
6 KB 85ms
21ms Script
application/octet-stream 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8154cda85e61a93a4d07d9bc7ae8ff13274434f42af641b2fc3d791057105ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: 2Tl19F_OxK7yrtgQTZxy9bfk.gZvtT6N
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Jul 2023 11:39:19 GMT
x-amz-request-id: DYGV53XBHCXCNV4G
age: 27719
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5656
x-amz-id-2: Vvw8PF110qjn13kVtqiF+k52S9CFiR6IcXCzlZzqZBecla4z/d4KQ/QXXomcN5sne7kzCfEodJw=
x-served-by: cache-lcy-eglc8600077-LCY
last-modified: Wed, 21 Jun 2023 09:19:40 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689939560.706488,VS0,VE0
etag: "54c8d206f4dea3bc529d1f60e7b84fb6"
vary: Accept-Encoding
content-type: application/octet-stream
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 112

GET
H2 200 pubmatic_desktop.1.0.0.js Show response
s.isanook.com/sh/0/js/ 1 KB
739 B 1290ms
123ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 03:08:00 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 16 May 2018 08:30:09 GMT
server: Lego Server
age: 0
etag: W/"5afbec11-43f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16149280388032243876
accept-ranges: bytes
content-length: 548
expires: Wed, 26 Jul 2023 03:08:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 127 KB
41 KB 512ms
250ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

cfe5353a092600c0a14d95620f3dc6609bef7a0d3ea9a50d6bb4be26ecd33c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-1fa57"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 11:39:20 GMT

GET
H2 200 beacon.v1.js Show response
p3.isanook.com/sh/0/js/ 319 B
554 B 964ms
29ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 03:22:10 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 319
server: Lego Server
age: 1018970
etag: W/"PSA-aj-wjZq0flWx2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1024335
x-nws-log-uuid: 10576144196751767182
accept-ranges: bytes
content-length: 239
expires: Tue, 27 Jun 2023 04:51:36 GMT

GET
H2 200 2466d17da40262d78469.css
s.isanook.com/sr/0/_next/static/css/ 42 KB
9 KB 1197ms
30ms Stylesheet
text/css 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/css/2466d17da40262d78469.css
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b7f07c9706cebd204611cc45f8401c546ee69e1292421463cd5f081a368e43ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 02:32:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 05 Jul 2023 02:26:11 GMT
server: Lego Server
age: 1
etag: W/"64a4d4c3-a6d3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17338754897892337774
accept-ranges: bytes
content-length: 9195
expires: Fri, 04 Aug 2023 02:32:24 GMT

GET
H2 200 webpack-1264b6ec6a181bc9eb3f.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
5 KB 1028ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/webpack-1264b6ec6a181bc9eb3f.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8bc88e26013cef1ce84cb63b1a64df1f4a4b7b60ecec0cdc4030e59b8137c116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:29 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:31 GMT
server: Lego Server
age: 0
etag: W/"64b0b30b-2385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 15716800404058201318
accept-ranges: bytes
content-length: 4550
expires: Sun, 13 Aug 2023 02:36:29 GMT

GET
H2 200 framework-bccd505f411f10b308c7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 147 KB
45 KB 1028ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/framework-bccd505f411f10b308c7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 23:35:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 150360
server: Lego Server
age: 1608642
etag: W/"647effdc-24b58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3047512692510061470
accept-ranges: bytes
content-length: 45781
expires: Thu, 06 Jul 2023 23:35:46 GMT

GET
H2 200 main-6fc29b940dae36eaf931.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 75 KB
24 KB 1029ms
61ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/main-6fc29b940dae36eaf931.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 07:31:47 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 29 Jun 2023 07:22:23 GMT
server: Lego Server
age: 2
etag: W/"649d312f-12ae6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17148466137719227130
accept-ranges: bytes
content-length: 24851
expires: Thu, 29 Jun 2023 07:31:56 GMT

GET
H2 200 _app-40e1c708b7e473568acd.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/ 552 KB
158 KB 1027ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-40e1c708b7e473568acd.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6d72060c52be9a515cbe1615fcc35fec3143dcabe1ef2441ae13fb95c5f4f2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:29 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:32 GMT
server: Lego Server
age: 0
etag: W/"64b0b30c-8a049"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 14119259250945182888
accept-ranges: bytes
content-length: 161876
expires: Sun, 13 Aug 2023 02:36:29 GMT

GET
H2 200 7918-3bbc8a6036bbcdb09d83.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
8 KB 67ms
59ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7918-3bbc8a6036bbcdb09d83.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:45:50 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: "64950480-7567"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 3054141803287174875
accept-ranges: bytes
content-length: 7717
expires: Wed, 26 Jul 2023 07:45:50 GMT

GET
H2 200 8229-a3ffb213d38ea4b85bad.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 29 KB
7 KB 66ms
59ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/8229-a3ffb213d38ea4b85bad.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 03:46:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:35 GMT
server: Lego Server
age: 0
etag: W/"649a498f-7506"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1211295914886305283
accept-ranges: bytes
content-length: 6889
expires: Thu, 27 Jul 2023 03:46:46 GMT

GET
H2 200 9669-b56602280eb9384c191d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 13 KB
5 KB 66ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9669-b56602280eb9384c191d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 08:04:34 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:35 GMT
server: Lego Server
age: 0
etag: W/"649a498f-35e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 4246296943709568869
accept-ranges: bytes
content-length: 4817
expires: Thu, 27 Jul 2023 08:04:34 GMT

GET
H2 200 1354-e6e263fd45386d27bc3d.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 50 KB
17 KB 66ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1354-e6e263fd45386d27bc3d.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 00:45:24 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-c680"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 17702284306391223798
accept-ranges: bytes
content-length: 17204
expires: Thu, 27 Jul 2023 00:45:24 GMT

GET
H2 200 2962-603a28e62dde6ed2aedb.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
3 KB 66ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2962-603a28e62dde6ed2aedb.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:45:50 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-2ebe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 8422914341865309380
accept-ranges: bytes
content-length: 2738
expires: Wed, 26 Jul 2023 07:45:50 GMT

GET
H2 200 9047-2d652cafc35943e20d62.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 66ms
60ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9047-2d652cafc35943e20d62.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 04:45:09 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 737101
etag: W/"648a7d31-38a5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 12567708883107029514
accept-ranges: bytes
content-length: 4567
expires: Sun, 18 Jun 2023 16:00:19 GMT

GET
H2 200 3253-079293c535abc2a452b6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 22 KB
7 KB 67ms
61ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3253-079293c535abc2a452b6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:03:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:36 GMT
server: Lego Server
age: 0
etag: W/"649a4990-57ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 16436087266053003711
accept-ranges: bytes
content-length: 6665
expires: Thu, 27 Jul 2023 07:03:11 GMT

GET
H2 200 1350-ccbe2b949cfdea577ff1.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
5 KB 67ms
61ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1350-ccbe2b949cfdea577ff1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 14:49:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Thu, 15 Jun 2023 02:53:37 GMT
server: Lego Server
age: 530088
etag: W/"648a7d31-3614"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 14879559523962311321
accept-ranges: bytes
content-length: 4649
expires: Tue, 20 Jun 2023 11:35:09 GMT

GET
H2 200 1216-75cdf64a6bee3b4a0f08.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 7 KB
3 KB 67ms
61ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1216-75cdf64a6bee3b4a0f08.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 15:24:43 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-1ad7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11585163308716821282
accept-ranges: bytes
content-length: 2537
expires: Tue, 25 Jul 2023 15:24:43 GMT

GET
H2 200 617-5cad0d06573dab8c8b0a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
5 KB 98ms
92ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/617-5cad0d06573dab8c8b0a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:58:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-3fa3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1931159756807135882
accept-ranges: bytes
content-length: 4725
expires: Wed, 26 Jul 2023 16:58:11 GMT

GET
H2 200 3051-bf42533dcd722fe36384.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 82 KB
26 KB 98ms
92ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3051-bf42533dcd722fe36384.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 02:57:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 84332
server: Lego Server
age: 0
etag: W/"64a23723-1496c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3356352828126387356
accept-ranges: bytes
content-length: 26699
expires: Wed, 02 Aug 2023 02:57:31 GMT

GET
H2 200 5616-5f8425f3631c502b5b56.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 9 KB
3 KB 98ms
93ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5616-5f8425f3631c502b5b56.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 04:37:59 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 9072
server: Lego Server
age: 2476750
etag: W/"647072d2-2370"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 2997480520032853041
accept-ranges: bytes
content-length: 3074
expires: Wed, 28 Jun 2023 12:36:02 GMT

GET
H2 200 6066-d50250a536141f89d39a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 37 KB
10 KB 98ms
92ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6066-d50250a536141f89d39a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 14:21:58 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-95e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7892959969805572030
accept-ranges: bytes
content-length: 9981
expires: Mon, 26 Jun 2023 14:22:09 GMT

GET
H2 200 6394-9d75fe0634e8f8d312de.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 5 KB
2 KB 99ms
93ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/6394-9d75fe0634e8f8d312de.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6fd14c4f026b06f579fb9a453c01c19865421bbeb3efa399ab3cc9f1557b327d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 08:11:02 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 28 Apr 2023 05:28:32 GMT
server: Lego Server
age: 0
etag: W/"644b5980-1242"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 1897117582025843763
accept-ranges: bytes
content-length: 2147
expires: Fri, 30 Jun 2023 08:11:13 GMT

GET
H2 200 5311-b8cc675d0a8702e01b54.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 204 KB
32 KB 100ms
94ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5311-b8cc675d0a8702e01b54.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: df717b10ddeb15f06ae868f361d169961c86c803cfe1e98d5b1cebe3a3a22eae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 02:32:25 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 05 Jul 2023 02:26:10 GMT
server: Lego Server
age: 0
etag: W/"64a4d4c2-33180"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 9064947350266238492
accept-ranges: bytes
content-length: 32740
expires: Fri, 04 Aug 2023 02:32:25 GMT

GET
H2 200 2996-02c93ea9f8ef187330a7.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 92 KB
17 KB 99ms
94ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2996-02c93ea9f8ef187330a7.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 03:25:48 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Mon, 03 Jul 2023 02:49:06 GMT
server: Lego Server
age: 0
etag: W/"64a23722-16f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6974599009043414116
accept-ranges: bytes
content-length: 16728
expires: Wed, 02 Aug 2023 03:25:48 GMT

GET
H2 200 7263-a144dab9798f38f3f5c6.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 200 KB
44 KB 99ms
93ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7263-a144dab9798f38f3f5c6.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7b16892944693b726b546079861ead3df8a626a8af2df606a9cbc919c274bc10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:29 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:31 GMT
server: Lego Server
age: 0
etag: W/"64b0b30b-321e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4602954001485989644
accept-ranges: bytes
content-length: 45180
expires: Fri, 14 Jul 2023 02:36:40 GMT

GET
H2 200 3316-c2db2abb0c275a7040e2.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 18 KB
5 KB 99ms
93ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/3316-c2db2abb0c275a7040e2.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 02:51:27 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:36 GMT
server: Lego Server
age: 0
etag: W/"64950480-4663"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15120104236233950622
accept-ranges: bytes
content-length: 4488
expires: Wed, 26 Jul 2023 02:51:28 GMT

GET
H2 200 5269-1d0561d680f1a96c6cdf.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 239 KB
23 KB 99ms
93ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/5269-1d0561d680f1a96c6cdf.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 08:04:34 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:36 GMT
server: Lego Server
age: 0
etag: W/"649a4990-3bb4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 11261425247894280523
accept-ranges: bytes
content-length: 23620
expires: Thu, 27 Jul 2023 08:04:34 GMT

GET
H2 200 2182-c812998b9bfd40b7bc57.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 99ms
94ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2182-c812998b9bfd40b7bc57.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 23:07:43 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: W/"6495047f-39ae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 6622716966875374434
accept-ranges: bytes
content-length: 3109
expires: Tue, 25 Jul 2023 23:07:43 GMT

GET
H2 200 7634-9c48588a06a20cc2cfaa.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 14 KB
3 KB 100ms
94ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/7634-9c48588a06a20cc2cfaa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 07:45:56 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:35 GMT
server: Lego Server
age: 0
etag: "6495047f-371e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 6654358786542805400
accept-ranges: bytes
content-length: 2599
expires: Wed, 26 Jul 2023 07:45:56 GMT

GET
H2 200 9063-2e4030278330f44c6889.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 12 KB
4 KB 100ms
94ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/9063-2e4030278330f44c6889.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d89283684cb24ba91c98a1770227e73387eac767ceda63637a7264d77bd5f462

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:43:52 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 11926
server: Lego Server
age: 0
etag: W/"64a4fb14-2e96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 3542395823445229453
accept-ranges: bytes
content-length: 3787
expires: Fri, 04 Aug 2023 06:43:52 GMT

GET
H2 200 2511-62bbd9193827fbf1398a.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 16 KB
3 KB 100ms
95ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2511-62bbd9193827fbf1398a.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 691d114327be68dbc2bdb308e1e90c090f997ab883293781706f47dcfbfbe85e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 02:58:11 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 16100
server: Lego Server
age: 0
etag: W/"64a23723-3ee4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 15947206537852952000
accept-ranges: bytes
content-length: 3108
expires: Wed, 02 Aug 2023 02:58:11 GMT

GET
H2 200 2820-42cb5f15989e8b325524.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 15 KB
4 KB 106ms
101ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/2820-42cb5f15989e8b325524.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 93eb2558997c67e86a9031b77b19cf035a5c3c96c00c8e96d76a5c772d73b4eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:04:04 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 31 May 2023 02:47:16 GMT
server: Lego Server
age: 2346762
etag: W/"6476b534-3a84"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 11420974382881568322
accept-ranges: bytes
content-length: 3600
expires: Fri, 30 Jun 2023 03:11:23 GMT

GET
H2 200 1116-edb90c105fa3b3f24692.js Show response
s.isanook.com/sr/0/_next/static/chunks/ 39 KB
9 KB 107ms
102ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/1116-edb90c105fa3b3f24692.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: e8672b51d74f3e9356e66760704282c9e176c4d00eb900c78390e31837ae5fd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 13:20:58 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
x-original-content-length: 40222
server: Lego Server
age: 1593405
etag: W/"64813ef5-9d1e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-nws-log-uuid: 16128801563717049385
accept-ranges: bytes
content-length: 8873
expires: Sat, 08 Jul 2023 02:42:47 GMT

GET
H2 200 firstpage-e1713323ebf4ef118ce1.js Show response
s.isanook.com/sr/0/_next/static/chunks/pages/common/ 285 KB
49 KB 107ms
101ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/common/firstpage-e1713323ebf4ef118ce1.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c6cdae0503d1325814118b921d15798941694c9436533a1dd4ba366d81183f99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:35 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:31 GMT
server: Lego Server
age: 0
etag: W/"64b0b30b-473fe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 4552484852927144594
accept-ranges: bytes
content-length: 49513
expires: Sun, 13 Aug 2023 02:36:35 GMT

GET
H2 200 _buildManifest.js Show response
s.isanook.com/sr/0/_next/static/HLvYPMtzlgg2xVKXXVqPl/ 23 KB
7 KB 107ms
102ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/HLvYPMtzlgg2xVKXXVqPl/_buildManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 053375c538674c061b4f65450333ad1ea6a60bd1d7e2110b3cc43a8a0198d2a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:22 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:30 GMT
server: Lego Server
age: 0
etag: W/"64b0b30a-5c28"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 15511502847567374672
accept-ranges: bytes
content-length: 6476
expires: Sun, 13 Aug 2023 02:36:22 GMT

GET
H2 200 _ssgManifest.js Show response
s.isanook.com/sr/0/_next/static/HLvYPMtzlgg2xVKXXVqPl/ 77 B
264 B 115ms
110ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/_next/static/HLvYPMtzlgg2xVKXXVqPl/_ssgManifest.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 02:36:28 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:30 GMT
server: Lego Server
age: 0
etag: "64b0b30a-4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 18292262378199965494
accept-ranges: bytes
content-length: 77
expires: Sun, 13 Aug 2023 02:36:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
86 KB 140ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85b43b72140bb32ba40727e447915be95dc992134109decb73f73d269703b5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87584
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Jul 2023 11:39:19 GMT

GET
H2 200 d0004449.js Show response
lvs2.truehits.in.th/dataa/ 9 KB
9 KB 1035ms
208ms Script
application/x-javascript 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 60ab4f954e7743bffc67eb6abb6a58fec4291a0b0ff21e1b1efa57bbf8b939fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:20 GMT
last-modified: Thu, 20 Jul 2023 07:02:00 GMT
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
content-type: application/x-javascript
cache-control: max-age=604800
content-length: 8719
expires: Fri, 28 Jul 2023 11:39:20 GMT

GET
H/1.1 200
OK a102.js Show response
sal.isanook.com/js/ 23 KB
10 KB 1766ms
211ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/js/a102.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Aug 2020 09:23:14 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 20 Aug 2023 11:39:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 102ms
34ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 11:39:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46990
x-xss-protection: 0
pragma: public
x-fb-debug: p0YT/QlqTjAjpxYpuEx4WlU0uWiRR0a0TZD2rhl0QlKfwk+ucK5xAkXK3uOJGWLo9WcFDy7GJrWHEQkIFgf4wg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ht.js Show response
sdk.ocmhood.com/sdk/ 29 KB
12 KB 123ms
63ms Script
application/javascript 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/webpush/publishers/1011713/taboola-push-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Jul 2023 09:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ba515c-2e63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prahUiYGeU65PZOf2pCLpEo8h8Tr0I3CgYPmx4hzdGmAmc2qlumtLe1n7%2FcRNx81sHHLzfXDtUzS7r3AxiKnKEwMHo0T7pS3EiGXpuHIiuZaEo5LqwSgLwcqee7uLdCFUYXTbd%2BNwYGHA3U3bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7ea329abc92fdd72-LHR
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /

GET
H2 200 spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 43 B
198 B 459ms
30ms Image
image/gif 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 12:27:22 GMT
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
etag: "4d5107cb-2b"
vary: Accept-Encoding
content-type: image/gif
x-nws-log-uuid: 11393916762962472322
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Jul 2023 12:27:22 GMT

GET
H2 200 ic-lotto.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 697ms
32ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/ic-lotto.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 11:42:12 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:52 GMT
server: Lego Server
age: 0
etag: "64950490-b1f"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 9784305002248201750
accept-ranges: bytes
content-length: 2847

GET
H2 200 joox.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 1 KB
762 B 695ms
30ms Image
image/svg+xml 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/joox.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:03:46 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:46 GMT
server: Lego Server
age: 0
etag: W/"649a499a-4e7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 7689454232486495824
accept-ranges: bytes
content-length: 548
expires: Thu, 27 Jul 2023 07:03:46 GMT

GET
H2 200 wetv.svg
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 7 KB
2 KB 696ms
30ms Image
image/svg+xml 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wetv.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:53 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:46 GMT
server: Lego Server
age: 0
etag: W/"649a499a-1a5b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 6538513747159048616
accept-ranges: bytes
content-length: 1827
expires: Thu, 27 Jul 2023 06:55:53 GMT

GET
H2 200 wecomics-d.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 3 KB
3 KB 697ms
32ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/wecomics-d.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:27:32 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:46 GMT
server: Lego Server
age: 0
etag: "649a499a-bec"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 1399459642880970864
accept-ranges: bytes
content-length: 3052

GET
H2 200 pubg.png
s.isanook.com/sr/0/images/firstpage/desktop/icons/ 2 KB
2 KB 699ms
34ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/firstpage/desktop/icons/pubg.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 20:55:48 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:52 GMT
server: Lego Server
age: 0
etag: "64950490-8c6"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 8443481096384390739
accept-ranges: bytes
content-length: 2246

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902605/ 35 KB
36 KB 698ms
33ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902605/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

bc44581cf7fecf1d46dfbd0474fce7d3dbc8315eaf90aab3aa50751e60ce5ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:22:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 6256244745484138866
accept-ranges: bytes
content-length: 36298

GET
H2 200 vv(1).jpg
s.isanook.com/fi/0/fp/380/1902393/ 13 KB
13 KB 699ms
33ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902393/vv(1).jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

6b5c31bb43ebf2ad8c7dd800319227d1138e990778c011a2f6285fb7407f88c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:19:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 11209521010110069384
accept-ranges: bytes
content-length: 13100

GET
H2 200 f.jpg
s.isanook.com/fi/0/fp/380/1902553/ 7 KB
7 KB 66ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902553/f.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

ec0b5b53e3a623e222e8a77be302d528e72de4bf4b79cb1d5f4bf3257db9d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:10:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 10943874000744778007
accept-ranges: bytes
content-length: 6862

GET
H2 200 penis.jpg
s.isanook.com/fi/0/fp/380/1902521/ 10 KB
10 KB 66ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902521/penis.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

aef8500012c78812c36aaa40a0aa20a35b5be54afcea9c2156a91036cc2c94e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:10:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 2191540567336261438
accept-ranges: bytes
content-length: 10216

GET
H2 200 tagline-template-update(7).jpg
s.isanook.com/fi/0/fp/380/1902417/ 13 KB
13 KB 67ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902417/tagline-template-update(7).jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

503c0cb24eb60b02255937d291d658062dde41620da822900dea10d989d10c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:10:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 13896966591515204567
accept-ranges: bytes
content-length: 13209

GET
H2 200 i.jpg
s.isanook.com/fi/0/fp/380/1902321/ 6 KB
6 KB 68ms
63ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902321/i.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1e6ed261e5f7029eb2f8353da6c6c19f6800be2108cac86bf6e92a78af7ab16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:18:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 15927599943579262436
accept-ranges: bytes
content-length: 5811

GET
H2 200 wow.jpg
s.isanook.com/fi/0/fp/380/1902601/ 4 KB
4 KB 67ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902601/wow.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

e33e3c96fca28ef2ec5971f9af31e934cdd14e0ef723fb5ffde39b679b174c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:13:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 6157805941959867633
accept-ranges: bytes
content-length: 3945

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902661/ 5 KB
5 KB 67ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902661/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d18f8eec648c72c51e02afa4755f5b7f6bf94ae6a20f4003ffa7e5365e5f25b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:17:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 16810404154175181328
accept-ranges: bytes
content-length: 5147

GET
H2 200 eyeglasses_1567425639.jpg
s.isanook.com/fi/0/fp/256/1282297/ 3 KB
3 KB 67ms
62ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/256/1282297/eyeglasses_1567425639.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

3088fa2d4cd08551ee70af003fb1ee35a2bc77f7a9c395eadb0bca8a4e4387d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:08:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 3553501847282716432
accept-ranges: bytes
content-length: 3278

GET
H2 200 3.jpg
s.isanook.com/fi/0/fp/380/1902573/ 6 KB
6 KB 67ms
63ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902573/3.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

6c0128a553f251b6d2d33303e0eb175ee5ed5d867331a9df30d471408fd87f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:09:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 100
content-type: image/jpg
x-nws-log-uuid: 7637464278537429082
accept-ranges: bytes
content-length: 5732

GET
H2 200 honkai-star-rail-code-version.jpg
s.isanook.com/fi/0/fp/380/1902513/ 6 KB
6 KB 67ms
63ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902513/honkai-star-rail-code-version.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

4e60297f05db0014c89a7484aa3081711da0900f9dfc72836b64433afcbedac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:13:51 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 3153879789914516506
accept-ranges: bytes
content-length: 6472

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902589/ 4 KB
4 KB 68ms
63ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902589/tagline-template-update-april.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

d345d41ea4be8addbc7626f46354ec989c913319f267dc0be150af708e9d0878

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:10:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 203358339620592186
accept-ranges: bytes
content-length: 3840

GET
H2 200 gundam.jpg
s.isanook.com/fi/0/fp/329/1646093/ 5 KB
5 KB 68ms
63ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/329/1646093/gundam.jpg?ip/crop/w172h97/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1c1c7761ec06eb4da3558ace2e9eaf0d963fdcedc7875307521e58236c129d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:03:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 16997536593879759551
accept-ranges: bytes
content-length: 5440

GET
H2 200 oppa.js Show response
p3.isanook.com/sh/0/js/ 537 B
590 B 370ms
29ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/sh/0/js/oppa.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:32:05 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Wed, 17 May 2017 08:37:40 GMT
server: Lego Server
age: 64603
etag: "591c0bd4-219"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
x-nws-log-uuid: 7531753157850747046
accept-ranges: bytes
content-length: 363
expires: Mon, 24 Jul 2023 16:32:05 GMT

GET
H2 200 logo-sanook-n.svg
s.isanook.com/sr/0/images/ 11 KB
4 KB 696ms
30ms Image
image/svg+xml 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/logo-sanook-n.svg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:27:28 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:49 GMT
server: Lego Server
age: 0
etag: W/"649a499d-2b18"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 2253573090910118538
accept-ranges: bytes
content-length: 4394
expires: Thu, 27 Jul 2023 07:27:28 GMT

GET
H2 200 prompt-regular-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 812ms
30ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-regular-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:41 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:39 GMT
server: Lego Server
age: 0
etag: "64950483-c8dc"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 3939110117778543703
accept-ranges: bytes
content-length: 51420
expires: Wed, 26 Jul 2023 16:07:41 GMT

GET
H2 200 SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
31 KB 810ms
31ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 15:01:28 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:40 GMT
server: Lego Server
age: 0
etag: "64950484-7a90"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 2667682986320730142
accept-ranges: bytes
content-length: 31376
expires: Wed, 26 Jul 2023 15:01:28 GMT

GET
H2 200 prompt-bold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 52 KB
52 KB 810ms
31ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-bold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 05:17:58 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:39 GMT
server: Lego Server
age: 0
etag: "649a4993-cf40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 15276314408899591496
accept-ranges: bytes
content-length: 53056
expires: Thu, 27 Jul 2023 05:17:58 GMT

GET
H2 200 prompt-semibold-webfont.woff2
s.isanook.com/sr/0/fonts/prompt/ 50 KB
51 KB 875ms
97ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/prompt/prompt-semibold-webfont.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 03:03:50 GMT
x-cache-lookup: Cache Hit
last-modified: Tue, 27 Jun 2023 02:29:39 GMT
server: Lego Server
age: 0
etag: "649a4993-c930"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 13647447258269338768
accept-ranges: bytes
content-length: 51504
expires: Thu, 27 Jul 2023 03:03:50 GMT

GET
H2 200 SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 31 KB
32 KB 810ms
32ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 10:30:09 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:40 GMT
server: Lego Server
age: 0
etag: "64950484-7df4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 9279476079480568921
accept-ranges: bytes
content-length: 32244
expires: Wed, 26 Jul 2023 10:30:09 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 126 KB
49 KB 164ms
60ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39b7ee41871a555d5426dc4550f88e0a5495ccad79d581abe05a7b2c38b76f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 11:39:20 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1007499765/ 3 KB
2 KB 174ms
79ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1007499765/?random=1689939560138&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&bttype=purchase&auid=1406557898.1689939560&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

a747e4e59e47f9fd2483a07dad6ee91341062e3e8c7fc41852681ad89c3a9087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 3 KB
2 KB 150ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1689939560145&cv=11&fst=1689939560145&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=1406557898.1689939560&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcfaf18be1af962cc457ee0c00465dde9d5db7865a3922022ef23be26c432214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1489944661112333 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 274ms
273ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1489944661112333?v=next&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1ae202d99bb752cc6451e1d02bac7d3e5a8b4d90542caa34b6535f2dd2efb45

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Jul 2023 11:39:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3lMZ52LO41N/ouZW+fPd5ICxmfR4Htw7sM1abLHlEhXcQwNcG9cvyTRfg0qQ1h7TNhaDhQWQwHYqBaNWW4UJ+A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js Show response
cdn.ocmtag.com/tag/ 191 B
689 B 112ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ocmtag.com/tag/NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL.js
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5299
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Thu, 27 Apr 2023 11:52:10 GMT
server: cloudflare
etag: W/"644a61ea-bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvu6Mz4GEui50%2BkdZsBwH0GGCKlVGsPvA2u%2B5R0DacFuH7FGQmkHnefkRN5qo7bEw2rIlsA9QXsCVYFMzpvnFXmVa7KYh0W1EpileJlaKnus8V6h1qLJKsztfURUsqu0D4kUVSTkq2fVXpGeQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7ea329affd1e23f6-LHR

GET
H2 204 /
beacon.taboola.com/ 0
159 B 34ms
21ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=ask&features=adblock
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600077-LCY
date: Fri, 21 Jul 2023 11:39:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1689939561.942644,VS0,VE0
access-control-allow-methods: GET, POST
content-type
x-cache: HIT
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 106ms
34ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1689939560572&sw=1600&sh=1200&v=next&r=stable&ec=0&o=30&fbp=fb.1.1689939560571.1395776728&it=1689939560246&coo=false&rqm=GET

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Jul 2023 11:39:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 8 KB
4 KB 127ms
41ms Script
application/javascript 108.138.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:48:14 GMT
content-encoding: gzip
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 14:46:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 75143
x-amz-server-side-encryption: AES256
etag: W/"478ff7d954cc355359ddc496dde10f4a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: uEIfHP41y_sNlY6baGn0_dbQQwWiXLzxFBbchKGDppKcQFK6Opoerw==

GET
H/1.1 200
OK container_57b51f2f1c51b15b6d1e8553.js Show response
avd.innity.net/225/ 8 KB
4 KB 179ms
50ms Script
application/javascript 23.75.64.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.75.64.175 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-64-175.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 21 Jul 2023 11:39:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 08:27:45 GMT
Server: nginx/1.18.0
ETag: "5f48c001-20eb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=622567
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3222
Expires: Fri, 28 Jul 2023 16:35:28 GMT

GET
H2 200 base-icon-v1.0.46.woff2
s.isanook.com/sr/0/fonts/icon/ 40 KB
40 KB 45ms
31ms Font
font/woff2 43.175.22.45
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.46.woff2
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.22.45 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 33bae8a9b9507c2b7121eee535d21afcb6e66be73d082d127d54c6b3f1135ffe

Request headers

Referer: https://www.sanook.com/
Origin: https://www.sanook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 02:32:26 GMT
x-cache-lookup: Cache Hit
last-modified: Wed, 05 Jul 2023 02:26:14 GMT
server: Lego Server
age: 0
etag: "64a4d4c6-9e18"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-nws-log-uuid: 16663216556139979273
accept-ranges: bytes
content-length: 40472
expires: Fri, 04 Aug 2023 02:32:26 GMT

GET
H2 200 goggen.php
lvs2.truehits.in.th/ 91 B
292 B 211ms
210ms Image
image/jpeg 203.154.58.214
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=1BWxVj0s6Ywi6xJ/Q0HWUw%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=30804A78.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.154.58.214 , Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 203-154-58-214.northern.inet.co.th
Software: nginx/1.23.3 /
Resource Hash: 44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/jpeg
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx/1.23.3
p3p: CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 2 MB
238 KB 126ms
39ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 09:15:23 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=31192
accept-ranges: bytes
content-length: 243421
expires: Fri, 21 Jul 2023 20:19:13 GMT

GET
H2 200 hub.html Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 1EA9 236 B
415 B 422ms
422ms Document
text/html 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by: Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-40e1c708b7e473568acd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1832618
cache-control: no-cache, max-age=0
content-length: 236
content-type: text/html
date: Fri, 30 Jun 2023 06:35:42 GMT
server: Lego Server
vary: Accept-Encoding
x-cache-lookup: Cache Miss Cache Miss
x-nws-log-uuid: 8131478297486810027
x-page-speed: 1.11.33.4-0

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 944ms
217ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22hotnews%22%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902405%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902701%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902553%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902601%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902661%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1282297%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902573%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1646093%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Fri, 21 Jul 2023 11:39:22 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

OPTIONS
H/1.1 204
No Content /
graph.sanook.com/ Frame 0
0 945ms
217ms Preflight 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902405%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902701%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902553%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902601%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902661%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1282297%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902573%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1646093%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Max-Age: 300
Connection: keep-alive
Date: Fri, 21 Jul 2023 11:39:22 GMT
G-API-Cache-Status: BYPASS
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Vary: Origin

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 127 KB
41 KB 162ms
162ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-40e1c708b7e473568acd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

cfe5353a092600c0a14d95620f3dc6609bef7a0d3ea9a50d6bb4be26ecd33c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-1fa57"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 11:39:21 GMT

GET
H2 200 cookiepolicy.png
s.isanook.com/sr/0/images/ 17 KB
17 KB 31ms
31ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/cookiepolicy.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 00:39:22 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 23 Jun 2023 02:33:50 GMT
server: Lego Server
age: 0
etag: "6495048e-428b"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 14804656304781566955
accept-ranges: bytes
content-length: 17035

GET
H/1.1 200
OK sanook_trend Show response
sloth-api.sanook.com/api/ 775 B
1 KB 2531ms
219ms XHR
application/json 61.91.93.46
TRUEINTERNET-AS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://sloth-api.sanook.com/api/sanook_trend?channel=all&t=469427
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 61.91.93.46 Bangkok, Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS: 61-91-93-46.static.asianet.co.th
Software: nginx / Express
Resource Hash: 149ee5e20d73852c879236b861c19bf99cd6548d4772672d0ed518eaee06509a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Response-Time: 4.168ms
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"307-K7uCZO8ufKTVey9amjLY/o67ndQ"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Content-Length: 775
Expires: Sun, 20 Aug 2023 11:39:23 GMT

GET
H2 200 title-nominee.png
s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/ 67 KB
67 KB 29ms
29ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/title-nominee.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 177869e84a42777b6a2f264d8ab7c7ee8050f0bd2a41e3aa727bbb35af89e4a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 17:41:02 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:37 GMT
server: Lego Server
age: 0
etag: "64b0b311-10c2d"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 10637117092490420646
accept-ranges: bytes
content-length: 68653

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 6 KB
2 KB 469ms
468ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-40e1c708b7e473568acd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

1db8ec0cab6099607f77fd5fd4eb0f03cf86f8b07236cb2755eb47903cbd587d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 21 Jul 2023 11:39:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
ETag: W/"19be-f5ZGDqndlrrTGPyOZ3J9vHipVhY"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H/1.1 200
OK / Show response
graph.sanook.com/ 6 KB
2 KB 422ms
421ms Fetch
application/json 203.151.128.172
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.sanook.com/?operationName=getFirstpageLatestEntryConnection&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22categorySlugs%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22slugs%22%3A%5B%22ch-entertain%22%5D%7D%5D%2C%22first%22%3A4%2C%22excludeEntries%22%3A%5B%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902605%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902405%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902701%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902665%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902337%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902393%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902553%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902521%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902417%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902321%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902601%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902661%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1282297%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902573%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902513%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1902589%7D%2C%7B%22type%22%3A%22content%22%2C%22channel%22%3A%22firstpage%22%2C%22id%22%3A1646093%7D%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e838b992f7a7cc1c8b668a941703f23d86e1cac625b856a8370085b3e2cd253f%22%7D%7D

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/pages/_app-40e1c708b7e473568acd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

203.151.128.172 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),

Reverse DNS

172.128.151.203.sta.inet.co.th

Software

nginx /

Resource Hash

0673fd495a15111e5825988fd96fa81e42651caba6c3025aab672bb2351db48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept: */*
Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 21 Jul 2023 11:39:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains;
Server: nginx
ETag: W/"1820-0ovEEQ3Dbb6hDTNzQwgmxsE1Y2k"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.sanook.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Credentials: true
G-API-Cache-Status: HIT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,XNAME,Authorization

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0377 15 KB
6 KB 97ms
34ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 365796
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 btn-close.png
s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/ 2 KB
2 KB 30ms
29ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/btn-close.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 6245fcbdcfa07b8eb1cb9fd45b0d1d4d66891679116c2a02c6f95fe0237f54ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 17:41:02 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:37 GMT
server: Lego Server
age: 0
etag: "64b0b311-87d"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 10426547630098309375
accept-ranges: bytes
content-length: 2173

GET
H2 200 bg-nominee.png
s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/ 149 KB
150 KB 30ms
29ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/bg-nominee.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 8e183be119b6987473a140cfdecd28e76e021f0e2c976a7941de4dcb1a4a46fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 17:41:01 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:38 GMT
server: Lego Server
age: 0
etag: "64b0b312-255da"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 6087081483251432579
accept-ranges: bytes
content-length: 153050

GET
H2 200 button.png
s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/ 3 KB
4 KB 30ms
29ms Image
image/png 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.isanook.com/sr/0/images/events/2023/hbdproject/september/desktop/button.png
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 7a29389c763e1db437d92ff272e72ece49b8155a7b5335a4ad952fb7e16acd54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 17:41:03 GMT
x-cache-lookup: Cache Hit
last-modified: Fri, 14 Jul 2023 02:29:38 GMT
server: Lego Server
age: 0
etag: "64b0b312-def"
content-type: image/png
cache-control: s-maxage=10
x-nws-log-uuid: 9303281207979092064
accept-ranges: bytes
content-length: 3567

GET
H2 200 /
www.google.com/pagead/1p-user-list/408516141/ 42 B
455 B 129ms
46ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/408516141/?random=1689939560145&cv=11&fst=1689937200000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&random=2582317935&rmt_tld=0&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/408516141/ 42 B
455 B 140ms
56ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/408516141/?random=1689939560145&cv=11&fst=1689937200000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&fmt=3&is_vtc=1&random=2582317935&rmt_tld=1&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.co.uk/pagead/1p-conversion/1007499765/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.s...
https://www.google.com/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=Jx...
https://www.google.co.uk/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=...

42 B
108 B

50ms
49ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1406557898.1689939560&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1M2dUNNM082VUhUQVFiN2dCN3k5LWkyX2lyd1A1Q3J2YTBWZkRQVk5ZZFlGQlEaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxNEFLN0lEQkRCd1gyUk83UWo5V2hkSzVpMTM5QUowajIyNHJpSmJLcWQyaGRra1N5WEhPbVkwZyITCM2f4rnbn4ADFRMMogMd9GgA9A&is_vtc=1&ocp_id=aG66ZM3LOJOYiM0P9NGBoA8&cid=CAQSKQBpAlJWovGJLStg1U4T4a_0cluNYtueoWAJTf0bomOwuBfa1rg_FisR&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMpfdpfoauJQ3emtvXEoTUDigooPbncm8Wg&random=2444241752&ipr=y

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-conversion/1007499765/?random=94766284&cv=11&fst=1689939560138&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.sanook.com%2F&label=JxFSCKqXqfMBEPXztOAD&hn=www.googleadservices.com&frm=0&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&value=0&auid=1406557898.1689939560&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5ub3BRWVFpdHl5dGRyYnlQMFlFaVlBZlRmY1M2dUNNM082VUhUQVFiN2dCN3k5LWkyX2lyd1A1Q3J2YTBWZkRQVk5ZZFlGQlEaWkNoRUk4Tm5vcFFZUTNmeWZ6cWEyNVkySkFSSXVBRGdGZzUxNEFLN0lEQkRCd1gyUk83UWo5V2hkSzVpMTM5QUowajIyNHJpSmJLcWQyaGRra1N5WEhPbVkwZyITCM2f4rnbn4ADFRMMogMd9GgA9A&is_vtc=1&ocp_id=aG66ZM3LOJOYiM0P9NGBoA8&cid=CAQSKQBpAlJWovGJLStg1U4T4a_0cluNYtueoWAJTf0bomOwuBfa1rg_FisR&eitems=ChEI8NnopQYQwOHX8YyI5fK9ARIdAGt3bMpfdpfoauJQ3emtvXEoTUDigooPbncm8Wg&random=2444241752&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 activity
t.ocmhood.com/v2/ 0
267 B 123ms
57ms Ping
application/octet-stream 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5kojaLovHfVbk%2FWLXhSY2z%2FZLl16bsNK9ufuxj0vOAHOAAa9v8P7hli8EUaeHXAPYItO4pTW0HdmXN%2FdUAkZf%2BIq1Ph4lSTdRYtDvGdm8c2cDk0g2J1npYG3L0o3fOtx%2F87c0rk8SOMuKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 7ea329b31ec400a7-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Jul 2023 10:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3842
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 21 Jul 2023 12:35:19 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 6F4D 0
48 B 35ms
21ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.sanook.com
Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.sanook.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:21 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 activity
t.ocmhood.com/v2/ 0
438 B 71ms
52ms Ping
application/octet-stream 2606:4700:20::681a:7e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4seBuNQBnQjQ2C88xNDY4MjE0NjCL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Bkcih5yc2slTmkypEUYC8Uk%2BmCD3XaYAqiFC7riD%2Bv9JDdvdj%2FXhDLrGEdfN8TAR2cQ%2BAxqp0LCjT6ttPubzjJcNaelJdKkHV3Rp4COy4YLMDLAb%2F4mGFRb9nQ8kzk2rQyYQ%2Fg2TBhpSCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 7ea329b31ec700a7-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 65ms
50ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=GTM-NBRLWV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa525f20d8f9843d2d68fdc3a6f0bbe651802c3546e7bad3b236877d0a61d1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83797
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 11:39:21 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B...
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%...

0
222 B

36ms
35ms

Image
text/plain

108.138.7.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-113.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: JKmvl7ag0mhZoq_1zxVHYvlN83OeL9cH02zjiupat6-aFA2b6p_r5Q==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 21 Jul 2023 11:39:21 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=14617386&cs_it=m9&cv=4.1.0%2B2306211052&ns__t=1689939561427&ns_c=UTF-8&c7=https%3A%2F%2Fwww.sanook.com%2F&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c9=
content-length: 0
x-amz-cf-id: 2wM3Z42g-bFtOas0G60HCrpS8avKyqTImQAkzJE4KCahaNBMxedHLw==

GET
H2 204 /
beacon.taboola.com/ 0
78 B 28ms
23ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.taboola.com/?cat=webpush&v=1.5&src=Sanook&event=cancel&features=adblock
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-served-by: cache-lcy-eglc8600077-LCY
date: Fri, 21 Jul 2023 11:39:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1689939561.448343,VS0,VE0
access-control-allow-methods: GET, POST
content-type
x-cache: HIT
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dc.js Show response
avd.innity.net/lib/ 20 KB
7 KB 199ms
197ms Script
application/javascript 23.75.64.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/lib/dc.js
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.75.64.175 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-64-175.deploy.static.akamaitechnologies.com
Software: nginx/1.20.2 /
Resource Hash: 0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Oct 2021 06:40:46 GMT
Server: nginx/1.20.2
ETag: "61725cee-5149-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1411961
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6407
Expires: Sun, 06 Aug 2023 19:52:02 GMT

GET
H/1.1 200
OK container_5f47736a47e7049801000002.js Show response
avd.innity.net/261/ 8 KB
3 KB 134ms
43ms Script
application/javascript 23.75.64.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.75.64.175 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-75-64-175.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Unused62: 8096267
Date: Fri, 21 Jul 2023 11:39:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 01:58:26 GMT
Server: nginx/1.18.0
ETag: "5f73e642-1eac-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1422680
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2870
Expires: Sun, 06 Aug 2023 22:50:41 GMT

GET
H2 200 floors.json Show response
ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/ 3 KB
824 B 104ms
35ms XHR
application/json 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/floors/155976/781/floors.json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f0b4e02ec77f44276a9c64328a2fbba2a2abbb5f1148e96bee2858dcfb31c933

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 03:33:01 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: application/json
cache-control: max-age=57240
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 423
expires: Sat, 22 Jul 2023 03:33:21 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 88 KB
28 KB 213ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e7559e0a186df6d87cb491a5deb7a6161347b8f1cf8804ebaaa3191945b01f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28580
x-xss-protection: 0
server: cafe
etag: 794 / 19559 / 31076240 / config-hash: 4616616588498368682
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:21 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0377
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=EH0oenxGQTZkd1JoWmxwSzRsNmtjQU52eGw1ZkRkQmVsQXFxbE40OGpLLzJwdHZqd2lTOXFNSW8xUXpwM085QlJCWUtWQVR2OUhTcmRCSk5RWHJGbzE4dXhCbk5LNGdHaHpiZ1ZySko0UU93aW5QVUlKK3M2SlgvbDZmSl...

415 B
644 B

112ms
31ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EH0oenxGQTZkd1JoWmxwSzRsNmtjQU52eGw1ZkRkQmVsQXFxbE40OGpLLzJwdHZqd2lTOXFNSW8xUXpwM085QlJCWUtWQVR2OUhTcmRCSk5RWHJGbzE4dXhCbk5LNGdHaHpiZ1ZySko0UU93aW5QVUlKK3M2SlgvbDZmSlo5UHFuRnBwTHkrK2E1U2R0Ty8xczkwUVlaTm5zcHR4MEZXQ1liWm9Vb3lTcGU0SzZFaVc0SDNZMHIrRER5cFRBTTAreWRqekZDWDcvOWUrOW44UEZKOHUwSCtWdG5KdFYveFoxOHVnK2ZtRWgrdWRPdytYeEIrcm51RTNBKzh3Wmk0THNkR0hWU2RFQXZna09pVVRaY1djRDhKZHBMdz09fA&cppv=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

613e6fb1ee0686648a9cff52881352a6be3555d8c009fa0c38f8207302c59135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1238100
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:20 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EH0oenxGQTZkd1JoWmxwSzRsNmtjQU52eGw1ZkRkQmVsQXFxbE40OGpLLzJwdHZqd2lTOXFNSW8xUXpwM085QlJCWUtWQVR2OUhTcmRCSk5RWHJGbzE4dXhCbk5LNGdHaHpiZ1ZySko0UU93aW5QVUlKK3M2SlgvbDZmSlo5UHFuRnBwTHkrK2E1U2R0Ty8xczkwUVlaTm5zcHR4MEZXQ1liWm9Vb3lTcGU0SzZFaVc0SDNZMHIrRER5cFRBTTAreWRqekZDWDcvOWUrOW44UEZKOHUwSCtWdG5KdFYveFoxOHVnK2ZtRWgrdWRPdytYeEIrcm51RTNBKzh3Wmk0THNkR0hWU2RFQXZna09pVVRaY1djRDhKZHBMdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 282258
content-length: 0
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 92ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=45je37j0&_p=647627798&_gaz=1&cid=1484123415.1689939562&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&sid=1689939561&sct=1&seg=0&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&en=page_view&_fv=1&_nsi=1&_ss=2&ep.user_session_id=1689939561381.foe8fat7&ep.content_channel=firstpage&ep.content_page_format=indexpage&ep.adblock_tracker=false&upn.user_login=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 96ms
28ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M0RYDTKBFK&cid=1484123415.1689939562&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 67ms
65ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M0RYDTKBFK&cid=1484123415.1689939562&gtm=45je37j0&aip=1&z=507185345

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 49ms
48ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=647627798&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAEK~&jid=1662670092&gjid=492247136&cid=1484123415.1689939562&tid=UA-8147095-6&_gid=1603819851.1689939562&_r=1&_slc=1&gtm=45He37j0n81PNXLXRS&cd4=0&cd12=1689939561383.xvk3pzr&cd22=firstpage&cd23=indexpage&cd43=0&z=1520262927

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
355 B 209ms
209ms Image
image/gif 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=252193375&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=464640570.1689939562&tid=SA-8147095-6&cd4=0&cd8=b&z=1354677989
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:21 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 32ms
29ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-8147095-6&cid=1484123415.1689939562&jid=1662670092&gjid=492247136&_gid=1603819851.1689939562&_u=YADAAEAAQAAAACAEK~&z=1239133039

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 54ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f249f23739c39a22b4780080912da4976dd8774392c77f0e4e97498f4574b4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jul 2023 11:39:21 GMT

GET
H/1.1 200
OK / Show response
avd.innity.com/dc/cb/ 59 B
707 B 853ms
288ms Script
application/javascript 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by: Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: e5f22abf2010cbb641b4b7d2b235bd0fe1ecae8a0257a9d494ead22f20d36085

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jul 2023 11:39:22 GMT
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 79
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 61ms
59ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1484123415.1689939562&jid=1662670092&_u=YADAAEAAQAAAACAEK~&z=931541190

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-8147095-6&cid=1484123415.1689939562&jid=1662670092&_u=YADAAEAAQAAAACAEK~&z=931541190

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hub.js Show response
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 1EA9 8 KB
3 KB 29ms
29ms Script
application/javascript 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by: Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:12:31 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit
last-modified: Fri, 18 Nov 2016 04:14:33 GMT
server: Lego Server
age: 1031599
etag: "582e8029-1e6a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-nws-log-uuid: 9994291889328714580
accept-ranges: bytes
content-length: 2483
expires: Sat, 15 Jul 2023 08:12:31 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/ 385 KB
123 KB 115ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 00:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41948
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125056
x-xss-protection: 0
server: cafe
etag: 10096237036492005269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 00:00:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-17F0RQM2JW&gtm=45je37j0&_p=647627798&_gaz=1&ul=en-us&sr=1600x1200&cid=1484123415.1689939562&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1689939561&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_4=0&ep.ua_dimension_12=1689939561383.xvk3pzr&ep.ua_dimension_22=firstpage&ep.ua_dimension_23=indexpage&ep.ua_dimension_43=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 29ms
28ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17F0RQM2JW&cid=1484123415.1689939562&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-17F0RQM2JW&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17F0RQM2JW&cid=1484123415.1689939562&gtm=45je37j0&aip=1&z=2047582472

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dc-script-v2.min.js Show response
sal.isanook.com/dc/ 25 KB
10 KB 205ms
204ms Script
application/javascript 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to

Full URL: https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 11:46:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 20 Aug 2023 11:39:21 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 135ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=294
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 612ms
329ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=139&profileId=184&cb=95093130697

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 609ms
327ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=139&profileId=184&cb=16643223943

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 124ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=860
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 602ms
328ms XHR
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=139&profileId=184&cb=74813573875

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 213794966 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 159ms
64ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/213794966?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e3d8282bb6d553cac3fc7585bddb08478e2b9a98e20e4dd2c319e23a884e559

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YdzYvFFBa8bSqY_mZ0nZpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-YdzYvFFBa8bSqY_mZ0nZpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D177 15 KB
6 KB 39ms
36ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79477
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 22 Jul 2023 09:43:59 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame CAE9 15 KB
6 KB 36ms
34ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79477
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 22 Jul 2023 09:43:59 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CAE9 4 KB
4 KB 331ms
29ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9943680&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 1832adf2dbc83d94b2994ec2d23ba772e6dc0950bf94180451e1f5d3c3fee23b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 AGSKWxWa9isZ3Tcuu3Uzo-es1_ewB4rtgdGNlOhAQY8xUz-vbagUWKruhhCSmUICGpMHJRV7IzveoVq3QH-7wF0rGFY= Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 245ms
245ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWa9isZ3Tcuu3Uzo-es1_ewB4rtgdGNlOhAQY8xUz-vbagUWKruhhCSmUICGpMHJRV7IzveoVq3QH-7wF0rGFY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5OTM5NTYyLDI1NDAwMDAwMF0sIjlFNUFCNUU4LURENjctNDI4My04QTIxLTJGMUU4QzBFODNDMCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwibUtGcmh0cW1SY2siXSxbOSwiZW4tR0IiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mKFrhtqmRck.es5.O/d=1/rs=AJlcJMx6EWnBbOd-fadpM2aofZ2AxROHjA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e40f94eac35c138f89be96fbeca4ff3ecc934fb91d54e811db744457cce708b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_llfjzzVVabDnqDjxPYTAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_llfjzzVVabDnqDjxPYTAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 282ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 12:15:43 GMT
content-encoding: gzip
age: 1293819
x-guploader-uploadid: ADPycdvKgHDhjnXuN_UXTlmNqUtn-jSeT5xOSSU2PNrzlIo1S8x9IOqUSSYjSbXgbF6nyRtzn0mHZ3kJLltN_ivULvENTbWKPdDB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 05 Jul 2024 12:15:43 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 231ms
231ms Script
text/javascript 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jul 2023 11:39:22 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 324ms
39ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 32702
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 1nTlNjniHH2XCHg8tDXl2GTMlOBzdXGAnXoLmMY-jzGhl5MUTddy8Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 317ms
34ms Script
text/javascript 2600:9000:2250:5a00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5a00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 21 Jul 2023 00:56:56 GMT
Via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 38547
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: p5dfjC7pVPIcNNBpU5zOYcThwmO9ULCLfPz5dzKtAE9RcHXt22KY3g==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
901 B 278ms
22ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 11:39:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1162
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-lcy-eglc8600040-LCY
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 296ms
36ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: A2H0FHJ4V6C5Z4CD
age: 1930
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ea329b9ed4475a1-LHR
x-amz-id-2: Vk/pbgZHaFGbzq7molQSeoMn1NFyfNSUDe8fTHJoeCt+4m87BulTEddPECo55mlgOMYkm+PjmUg=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 309ms
50ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: e23b5c9c49af24bf98a665b654be118f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 275ms
275ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3309895412250454&correlator=3837405705274398&eid=31076240%2C44797786&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=345054422&didk=2096832710&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689939562277&lmt=1689939562&dlt=1689939559631&idt=2348&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1484123415.1689939562&ga_sid=1689939562&ga_hid=647627798&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23cb1dd9ede94e9d78e2bdc319113646e38a0295eb896e86c9649394a163599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11904
x-xss-protection: 0
google-lineitem-id: 5582840632
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373742424
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 570 B
378 B 360ms
360ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3309895412250454&correlator=1702315694966996&eid=31076240%2C44797786&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&ifi=2&adks=908668280&didk=1874942343&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1689939562286&lmt=1689939562&dlt=1689939559631&idt=2348&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=130&ga_vid=1484123415.1689939562&ga_sid=1689939562&ga_hid=647627798&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2803300a8f17dc40adcc0b88517a59328d2d94688c5047b8c6363f29c9da86d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54F3 6 KB
3 KB 302ms
42ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 20 Jul 2024 11:39:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWINbObabXAXuWRG2yJtnq1ezyoWQb4f8_DqM8K321gKAc7Qu-Sl7BQT4mM8UCj6hLv-Ej2BgZb3_cs6Sd6w-LjdUnE7fHrm-E5n8H_NE0aDyoInguYQKZIfhX8o9jg0KozisEwXQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWINbObabXAXuWRG2yJtnq1ezyoWQb4f8_DqM8K321gKAc7Qu-Sl7BQT4mM8UCj6hLv-Ej2BgZb3_cs6Sd6w-LjdUnE7fHrm-E5n8H_NE0aDyoInguYQKZIfhX8o9jg0KozisEwXQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5OTM5NTYyLDUwODAwMDAwMF0sIjlFNUFCNUU4LURENjctNDI4My04QTIxLTJGMUU4QzBFODNDMCIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwibUtGcmh0cW1SY2siXSxbOSwiZW4tR0IiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2848334f1f86feb6ff0f691ca399708bc582e97ddd61ce41ba7d457c257f8c88

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-saHnWIjsJE-wCfHnGAO2_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-saHnWIjsJE-wCfHnGAO2_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/dc/ 43 B
590 B 185ms
185ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/dc/?cl=225&cuid=df745fb0356e487fae60870b56b3fac5&cb=1689939562510&douid=&sess=129755865.225.1689939562510&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:22 GMT
Last-Modified: Fri, 21 Jul 2023 11:39:22 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H/1.1 200
OK /
avd.innity.com/sync/ 43 B
452 B 377ms
191ms Image
image/gif 119.81.192.134
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avd.innity.com/sync/?partner=innity&token=df745fb0356e487fae60870b56b3fac5&type=cookie&itmcb=1689939562510
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS: 86.c0.5177.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:22 GMT
Last-Modified: Fri, 21 Jul 2023 11:39:22 GMT
Server: Apache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 43
Expires: Wed, 04 Aug 1985 12:59:00 GMT

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 3D54 35 B
125 B 164ms
51ms Document
image/gif 213.155.156.165
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.165 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7584
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

22ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Fri, 21 Jul 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1934891
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7BC8
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826094650416

42 B
273 B

32ms
30ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826094650416
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Fri, 21 Jul 2023 11:39:22 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210826094650416
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 2EE3
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

196ms
196ms

Document
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 21 Jul 2023 11:39:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: NEZBCQM0S99ZTY7QWK6B

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Jul 2023 11:39:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 54T8PENR4CXB71RHHJT5

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A8CD
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf

42 B
417 B

113ms
30ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 710D
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7465697009228160066&gdpr=0&gdpr_consent=

42 B
297 B

22ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7465697009228160066&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 58e8bfaa-9c5f-4073-a2d1-250e7005ea8e
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7465697009228160066&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 03A6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7258235151031793812&gdpr=0&gdpr_consent=

42 B
447 B

81ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7258235151031793812&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 21 Jul 2023 11:39:22 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7258235151031793812&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2E25
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=

42 B
299 B

22ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Fri, 21 Jul 2023 11:39:22 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=FGHNDo15WyJ0HjlPtoKovAW7FWk&gdpr=0&gdpr_consent=

GET
H2 417 sync Show response
t.adx.opera.com/pub/ Frame FCAD 0
418 B 111ms
31ms Document
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 23ED
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFTDdFN0pkTjBBQUNWNE1WS1hhQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEL7E7JdN0AACV4MVKXaA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEL7E7JdN0AACV4MVKXaA&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEL7E7JdN0AACV4MVKXaA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5105884918991444935&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEL7E7JdN0AACV4MVKXaA&gdpr=0&gdpr_consent=

42 B
199 B

30ms
30ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEL7E7JdN0AACV4MVKXaA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEL7E7JdN0AACV4MVKXaA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YTM5Y-g0RPizCrH_lRLj0w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

35ms
34ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=79477
accept-ranges: bytes
content-length: 5606
expires: Sat, 22 Jul 2023 09:43:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame CAE9
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=&ct=y

49 B
264 B

63ms
59ms

Image
image/gif

52.213.109.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 52.213.109.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.65
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.12.39
content-length: 0
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame CAE9
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3104798370
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=61333963-E834-44F8-B30A-B1FF9512E3D3

0
284 B

82ms
30ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=61333963-E834-44F8-B30A-B1FF9512E3D3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
via: 1.1 google
last-modified: Fri, 21 Jul 2023 11:39:22 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=61333963-E834-44F8-B30A-B1FF9512E3D3
date: Fri, 21 Jul 2023 11:39:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame CAE9
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=61333963-E834-44F8-B30A-B1FF9512E3D3
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWFobzFpLWtsUlFRYWFKRXFKUE45dVRvQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=6944312430359264284&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

99ms
98ms

Image
image/png

54.158.85.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Server: 54.158.85.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-85-140.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjEzMzM5NjMtRTgzNC00NEY4LUIzMEEtQjFGRjk1MTJFM0Qz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

82ms
29ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfvHTTKCveIn7G_Ct1xKhw&google_cver=1

42 B
300 B

84ms
31ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfvHTTKCveIn7G_Ct1xKhw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEfvHTTKCveIn7G_Ct1xKhw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CAE9 43 B
610 B 125ms
40ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 20 Jul 2023 11:39:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6944312430359264284

42 B
243 B

23ms
22ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6944312430359264284
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6944312430359264284
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CAE9 70 B
265 B 112ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 61333963-E834-44F8-B30A-B1FF9512E3D3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CAE9 43 B
426 B 118ms
33ms Image
image/gif 2a05:d018:d29:3601:da00:7cb3:2a5d:49ee
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/61333963-E834-44F8-B30A-B1FF9512E3D3?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:da00:7cb3:2a5d:49ee Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame CAE9 0
125 B 128ms
41ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=61333963-E834-44F8-B30A-B1FF9512E3D3&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_ebe63144-29bc-4b0b-a30a-acf880281b2f&bsw_param=8c236a56-bd72-40c7-821e-231ca3fc6555&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd=

1 B
245 B

22ms
22ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8c236a56-bd72-40c7-821e-231ca3fc6555&gdpr=0&gdpr_consent=&gdpr_pd=
date: Fri, 21 Jul 2023 11:39:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame CAE9 0
104 B 151ms
52ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2569436704448451549&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

23ms
22ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2569436704448451549&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2569436704448451549&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0527 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKGF-0Ht72xQ0jWLVEK664YXHBwoxodc-8L3zjm7crlfCs8Yv7vC_LCab2Fel73xAWoqpFz1zj7Y3tTvtjm-r55ElCcnfL-s1_f70_m58pmv1zesZGWvA_NZBHEggYtvjKjnxqLxhnYDaJ7q_hNK-mPJlfdEND07Ezn3OzM1j07TS3h-y3ox29Wt8Q_D6M0ZUpAe1lUltnlL5pO-ttLGhxPV_CPE2KhHMRirVf-f5cGt9hzeUqUoAPKjTmjzTVZM2aFUvOOM6udqIzfX99ZYpaTE_m6CQnFB9BkIwtY7i9e9kllYTn1kClP_12rdq7Zy5P4lY0D_vaAtC745w7bcfp7M9ctTgAxNbT9AY2rBcTfCW1&sai=AMfl-YQFS6fPht10O3Q_71JCVUZ_9C61bgpYYGE21AjHdmkIAaKRiVgDiQ6Hx8T_ErHJAdKpIX5AmVSAvGOhWf12RZEExkt09BrGtUiDigT_KYI5v7g6A4qR1nqNin_9gw&sig=Cg0ArKJSzMd-uSAt_fhIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0527 88 KB
28 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46a641e0bb0cf37d837dd9eb88caf89951ffaedbb13c81c3e0379636a1b8e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28599
x-xss-protection: 0
server: cafe
etag: 184 / 19559 / 31076267 / config-hash: 4616616588498368682
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0527 179 KB
56 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:22 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1

85 B
203 B

118ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 94b22956d8a756614aceb90a4c9cce164ced050e74cdc331270275c9ca2c996c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-So0RbaPSsnFIjZ+GmhLvluZ3pyg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 21 Jul 2023 11:39:22 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.sanook.com
location: /esp?url=https%3A%2F%2Fwww.sanook.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 45ms
43ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 78ec3d4d6ae24303bd49a502f7943acf422da51135c135bf91d54a09a48fd69e

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 7a986640fdef77d30ac09273f147b966
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 99ms
41ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.sanook.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 21 Jul 2023 11:39:22 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: b3ad405c980f959800da92c16d562ff1

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
323 B 116ms
39ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H/1.1 400
Bad Request hb Show response
rtb-eu.andbeyond.media/ 22 B
290 B 107ms
28ms XHR
text/plain 77.245.57.78
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:22 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://www.sanook.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 22

GET
H2 200 arj Show response
tencentth-d.openx.net/w/1.0/ 73 B
368 B 104ms
27ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0e536520-b4ad-448c-bf83-9b85412d86c5&nocache=1689939562651&aus=300x250%2C257x240%2C300x125&divids=rgpt-reca-4&aucs=%252F4899711%252Fwww.sanook%252Fdesktop%252Fall%252Findexpage%252Freca&auid=542511420
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a6abd01f2a5ef3fd5d2bdddda2a92397e790289ea9f374d088ddc8f81d09ee86

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.sanook.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 370 B
884 B 150ms
34ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&alt_size_ids=570&rf=https%3A%2F%2Fwww.sanook.com%2F&kw=%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%2C%E0%B8%AB%E0%B8%A7%E0%B8%A2%2C%E0%B8%AA%E0%B8%A5%E0%B8%B2%E0%B8%81%E0%B8%81%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9A%E0%B9%88%E0%B8%87%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%9A%E0%B8%B2%E0%B8%A5%2C%E0%B8%9F%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%2CJoox%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%2C%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B8%A7%E0%B8%B2%E0%B9%84%E0%B8%A3%E0%B8%95%E0%B8%B5%E0%B9%89%2C%E0%B8%81%E0%B8%B5%E0%B8%AC%E0%B8%B2%2C%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%2C%E0%B8%A5%E0%B8%B0%E0%B8%84%E0%B8%A3%2C%E0%B8%84%E0%B8%A5%E0%B8%B4%E0%B8%9B%E0%B8%A7%E0%B8%B4%E0%B8%94%E0%B8%B5%E0%B9%82%E0%B8%AD%2C%E0%B8%AA%E0%B8%B8%E0%B8%82%E0%B8%A0%E0%B8%B2%E0%B8%9E%2C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B8%9A%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B4%E0%B8%87%2Csanook%2C%E0%B8%A7%E0%B8%B4%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%B0%E0%B8%AB%E0%B9%8C%E0%B8%9A%E0%B8%AD%E0%B8%A5%2C%E0%B9%80%E0%B8%81%E0%B8%A1%2C%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C&tg_i.page=https%3A%2F%2Fwww.sanook.com%2F&tg_i.domain=sanook.com&tg_i.pbadslot=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v7.25.0&x_source.tid=0e536520-b4ad-448c-bf83-9b85412d86c5&l_pb_bid_id=14997f4c88ed363&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&slots=1&rand=0.09488641382663454
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 12dd6199ea3d042dc13b8620cbf9e06bd357c82a48126ecbefecae0602decf07

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 370
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
544 B 392ms
334ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=575406
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff83ca0b6983822eb74ed66a82b2d12375bad6fc0c9a13679e412112770cf02

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQiubuncTpT79EpEec9TIDJTt5P%2BMaTRTbkLqoNl0708Z65FtrX4eUw0nvnYG2N7p%2FVl9Wqhh3ogPhfWPLSHOTfVEDR3PYChWoQDsCnqexbOCm5HwawJ6z71FrR4jgoCVUfQ%2BNo9"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ea329bb0ee688ad-LHR
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 52ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=429
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
814 B 33ms
33ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b4753a92f4c696d1a27e1e656ffc3c44d098eb11d7adf94bff62bae3999f1ead

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
an-x-request-uuid: 8a90f004-c1ae-4d5e-a77f-c9fcd6a63831
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
380 B 280ms
176ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 21 Jul 2023 11:39:22 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 127ms
126ms Ping
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 128ms
126ms Image
image/gif 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Jul 2024 11:39:22 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 128ms
127ms Image
image/gif 2620:100:a005::6
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::6 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 15 Jul 2024 11:39:22 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 413 B
642 B 274ms
184ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3f752aaeb6db8ab939049c49ecf68b1cb0730cdeec6dcc0b31e9fbdbf506527

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 303
expires: Fri, 21 Jul 2023 11:39:22 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 32ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=843
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 126ms
125ms Ping
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 31ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=352
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 events
bidder.criteo.com/csm/ 0
78 B 127ms
125ms Ping
text/plain 2620:100:a005::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 125 B
677 B 54ms
41ms XHR
application/json 52.213.109.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-107.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9752d92c15dc692460f9a7be8f82516efcba0d2af6e303cbffb84a5965701f06

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.13.99
access-control-allow-credentials: true
content-length: 125
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 334 B
175 B 77ms
77ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3309895412250454&correlator=2302653585346852&eid=31076240%2C44797786&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1%7C1150x90%7C1090x250&ifi=3&adks=3448326100&didk=498303881&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie=ID%3D2b2664218bedf4be%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MbFvoMpoJ-24-a-pwsk2Xzs5zZooQ&gpic=UID%3D00000c6e79f0c9b1%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MYtzrO74LR1l1IbWepoWOoauuQ3jw&abxe=1&dt=1689939562757&lmt=1689939562&dlt=1689939559631&idt=2348&adxs=225&adys=-90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=1150x-1&msz=1150x-1&fws=4&ohw=1150&psts=ABnkTfBUmFzl7t_owf6YEAzibJdP21cZid2V1jc-Uk8POOOAn1T25SRuPmQYN8lAB62I7uJckEoTBVVBocVfohXLrPQsQ5FCLAf_K8wcGtwXtWyfzRfHD1_Nkaw%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1484123415.1689939562&ga_sid=1689939562&ga_hid=647627798&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3470839eefe22dff1fe0caf6e12c2dc192eef98543715f31caabb9f6f53c6d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 0527 385 KB
122 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6342
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Jul 2024 09:53:40 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame C085 0
91 B 54ms
25ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 21 Jul 2023 11:39:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E77B 52 KB
17 KB 153ms
36ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 21 Jul 2023 11:39:22 GMT
ETag: "623de86a-cf34"
Expires: Sat, 22 Jul 2023 11:39:24 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 poh.jpg
s.isanook.com/fi/0/fp/380/1902697/ 8 KB
8 KB 30ms
29ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902697/poh.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

b7cce6664bfdeb40be15d6f177827f9ff6d2eac4747aebf96a7f32cd2bec7b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 10:27:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 17378501365209403209
accept-ranges: bytes
content-length: 8534

GET
H2 200 6.jpg
s.isanook.com/fi/0/fp/380/1902673/ 9 KB
9 KB 32ms
31ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902673/6.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

419119879eb7ae3bfe0d605a84de61d833655a29b1b91a7dca4cfbd600b1a520

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:39:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 7683981785281465651
accept-ranges: bytes
content-length: 9469

GET
H2 200 p03.jpg
s.isanook.com/fi/0/fp/380/1902597/ 3 KB
3 KB 30ms
30ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902597/p03.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1ff156a490197a3db0dcc463a6d22ded80179df60ff6a2129087c2b4695e7798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:27:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 14884270087374579483
accept-ranges: bytes
content-length: 3279

GET
H2 200 pat.jpg
s.isanook.com/fi/0/fp/380/1902569/ 7 KB
8 KB 30ms
30ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902569/pat.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

8f1e37c9b51619a5bad9f4961c4397f86fff672f5fd17cc64923cdb59583a7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:48:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 162
content-type: image/jpg
x-nws-log-uuid: 13401094325926165997
accept-ranges: bytes
content-length: 7656

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902693/ 11 KB
11 KB 32ms
29ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902693/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

f3ae74a74d38e0ced684035df16a49ad9e8ed12fee00d5d07f6ca79e3f970e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 10:21:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 10970155482849803715
accept-ranges: bytes
content-length: 11518

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902685/ 10 KB
10 KB 32ms
29ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902685/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

90b2c07260d70267751704c0528f8eb954ffe2a193550ed3495bce0f2828bf95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 10:22:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 922887644075648995
accept-ranges: bytes
content-length: 10261

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902373/ 8 KB
8 KB 33ms
31ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902373/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

1d5e6be082c1628d01bc08000477cda7009f7e0f1d1f9bd272e5846229bab11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:44:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 7946837084425814453
accept-ranges: bytes
content-length: 7746

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902629/ 10 KB
10 KB 33ms
30ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902629/tagline-template-update-april.jpg?ip/crop/w268h151/q80/jpg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

638f51b08a158469a7e45e909671254fcc608d156abeade26e25ea96b2ce238b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 08:25:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 3485730515054162514
accept-ranges: bytes
content-length: 10108

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0527 0
0 140ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlRlJrkCFpuaFq6rKGCy3nO1a2SLYBlYKbWgiw0zoMshMe4ex6_mwt7yiFMjXREW8m_t3NHL_tkjvwqwPqgckKrX7FrgsZ2UhTp9k7Q6XB8QpMUvYJnhlcwMMkKu_1-2Yua03zrdCrvfV3f9hPfpmTFCaZ_nN9JHeKoxImimsWId82siCbDRuZY_9VitRxI4Wo42iDDRSPe9UAPP4GMHUEgWzMfDNLW_KZF2CPCSFt8h_5XQK3fpO8MKUKtDiavf94ALMCVnC8wngWed64LskhDF2Z8NFKH4YmkR3ghKLpL6dBqg889dTKp1z9Qusec-8gHq9y7RjBlNZlQc-6BrHF2k5DwSGftjBlAQEgSrrdHWr2EIA&sai=AMfl-YQky_hWwjfFt8Cca-Sfx_ZSLjVgtdwSG_wf1mXIKFOdeIM5FFBDueRusZMs1fzQRQUCh_oaKj88K7jc-iErlPE9hLwclSDi82DkThChG7Z7S6yhF-KTNnwkZsGzuw&sig=Cg0ArKJSzFzZpLRSWwKFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 11:39:22 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0527 1000 KB
100 KB 120ms
120ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=739347119915225&correlator=1438384361222781&eid=31076267&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=178697795&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3D2b2664218bedf4be%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MbFvoMpoJ-24-a-pwsk2Xzs5zZooQ&gpic=UID%3D00000c6e79f0c9b1%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MYtzrO74LR1l1IbWepoWOoauuQ3jw&abxe=1&dt=1689939562908&lmt=1689939562&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=zf3yjx8ydfqy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&ref=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1484123415.1689939562&ga_sid=1689939563&ga_hid=2045110495&ga_fc=true&dlt=1689939562584&idt=289

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609c59e03032e481cb6306fb44b1fac51ece3de699eb3ab7267f20542125957f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102506
x-xss-protection: 0
google-lineitem-id: 5849485604
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373690262
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0527 15 KB
12 KB 161ms
84ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f47e1672b0c25ec306398bb54ab09a1901cca0f8a6738afbcec0d895e88f6eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11809
x-xss-protection: 0

GET
H2 200 container.html Show response
a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EA53 6 KB
3 KB 58ms
43ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 20 Jul 2024 11:39:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame ABFA 0
80 B 32ms
26ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 21 Jul 2023 11:39:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E77B 0
594 B 32ms
32ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:22 GMT
an-x-request-uuid: c912c80c-defb-4994-83d5-c59c25c44c47
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 336 B
175 B 264ms
264ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3309895412250454&correlator=2029590477183786&eid=31076240%2C44797786&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&ifi=4&adks=3667654068&didk=3402878631&sfv=1-0-40&prev_scp=category%3Dall%26pwtverid%3D68%26pwtprofid%3D781%26pwtpubid%3D155976%26pwtbst%3D1%26pwtplt%3Ddisplay%26pwtsz%3D728x90%26pwtecp%3D0.10%26pwtsid%3D34919c94b43ceaa%26pwtpid%3Dteads&eri=1&sc=1&cookie=ID%3D2b2664218bedf4be%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MbFvoMpoJ-24-a-pwsk2Xzs5zZooQ&gpic=UID%3D00000c6e79f0c9b1%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MYtzrO74LR1l1IbWepoWOoauuQ3jw&abxe=1&dt=1689939562959&lmt=1689939562&dlt=1689939559631&idt=2348&adxs=0&adys=1848&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=ABnkTfBUmFzl7t_owf6YEAzibJdP21cZid2V1jc-Uk8POOOAn1T25SRuPmQYN8lAB62I7uJckEoTBVVBocVfohXLrPQsQ5FCLAf_K8wcGtwXtWyfzRfHD1_Nkaw%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1484123415.1689939562&ga_sid=1689939562&ga_hid=647627798&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b418de58ffd52a1ae77faad8eb08fc9f1606fae9b323d336d67882136d05a46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3F21 281 B
554 B 124ms
33ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jul 2023 11:39:23 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 364ms
363ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3309895412250454&correlator=2695561471950989&eid=31076240%2C44797786&output=ldjh&gdfp_req=1&vrg=202307170101&ptt=17&impl=fif&us_privacy=1---&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&ifi=5&adks=4033539290&didk=4218483591&sfv=1-0-40&prev_scp=category%3Dall&eri=1&sc=1&cookie=ID%3D2b2664218bedf4be%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MbFvoMpoJ-24-a-pwsk2Xzs5zZooQ&gpic=UID%3D00000c6e79f0c9b1%3AT%3D1689939562%3ART%3D1689939562%3AS%3DALNI_MYtzrO74LR1l1IbWepoWOoauuQ3jw&abxe=1&dt=1689939563054&lmt=1689939563&dlt=1689939559631&idt=2348&adxs=1033&adys=986&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.sanook.com%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=ABnkTfBUmFzl7t_owf6YEAzibJdP21cZid2V1jc-Uk8POOOAn1T25SRuPmQYN8lAB62I7uJckEoTBVVBocVfohXLrPQsQ5FCLAf_K8wcGtwXtWyfzRfHD1_Nkaw%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1484123415.1689939562&ga_sid=1689939562&ga_hid=647627798&ga_fc=true

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a7794366c2d6a01bd05452e1548420d4b9f85a1c252eec66be0474b0074e5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9397
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4216 0
0 71ms
71ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszNzHfALYog-2947ShbYKfZWkOy757bah4T8WGF7pFbbBP9kuZs_MONEnIJ_by3IBSJL8TfLeehOltKXVJ-i7vb7SB51CJaRNSjgzW71mNtJ7gMh5coR16UJjJh64lBCS79FmPMwDeoTpx3hSnjNsWx0QVJGvOxRNiNTgL0dIIT0AGNOnkxTqtqK0Z-B4eUPOU9rdBxM8kEFIE58KNNWKq8xdLLmelqAEVbzb3zv88QcATbNVgKBzNdG70OwVbzy5EWd9RGDp4rx3t8u2091CIYY-Wf3ghjBZYmTI6Nk8Lrh7Pcx7lwfb9GWZ6wzwJQPqkBgNap5udYGPlQyCL&sai=AMfl-YREiZZU8WbrP-iqAJGjn1oOkEA7zgmhhpc3dvwKmZHKyqOD4YT5T0YAfUxYoiEMt6iAOu92FqqYXJABlhJGmasj_nGX77nkOWl4dUqZyWFbRRU26uvrtL3pYO_OHQ&sig=Cg0ArKJSzO2pe-fDi2nwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 4216 85 KB
30 KB 113ms
34ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 09:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 09:46:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4216 179 KB
56 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0527 17 KB
7 KB 175ms
99ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js?cb=31076267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3F21 34 KB
10 KB 34ms
34ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6398459b42d66255d9cbd874bdaeb716f781ba4e29c7ddcc2183e7fb4ce69e3b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jul 2023 18:43:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=25401
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 21 Jul 2023 18:42:44 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3F86 3 KB
2 KB 96ms
30ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 894
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7ea329be18f24194-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:23 GMT
expires: Fri, 21 Jul 2023 15:39:23 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

38ms
38ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 2bd43bd1d19804dd0ace87193c6c8cad1af21918a8ebbea029eb70a8818e2ea0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1876
Content-Type: text/html
Date: Fri, 21 Jul 2023 11:39:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 21 Jul 2023 11:39:23 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4216 0
0 70ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIWEGI8GbQoqkRIoGX8vg7rf_RbmyLdIRzk9Lmc4IJL2FSLbxKx_Uoq2yP2KkiRYMcbHPnjvVDy_w8nf-LioPJnoTsbJAVsAEJNHVmti5IvLacOVBoc8-w3RBWeRGASvGnHjoZIbN01Hvg8IzlgIP2WR4WLa01GIgOLfs_ZPqMDY5_VgLsZW8gdSzkOy_i_9zohiWym34n-9nOHpOSmFm7kCHDCzJF_pA5Hs6lsijS2LAWrGWSkkX99eqLQYik3lnMfTGdhLvUP5hM-xdYLqjD6MuWHVEjAnAdz2DHaT0PcX_MarFlB1l17PeF8b_kURlq3hF_dxPBMgGLaXmvJvQ&sai=AMfl-YSDQE3jYqHhNvBFsns0Q6K9NX72Y_ujpE0SwB6inE-rtTkclmdrqUr4bOiaQxHBFYlr96YKcScRbAUtH7K3brUfixQz4Cm8NsMh5vD0yxnx20K37-D797nVfjXTGA&sig=Cg0ArKJSzEQrGMwjWr0eEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3F21
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8neSUBS-7sSUZKnCn5QLM&google_cver=1

0
239 B

167ms
38ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8neSUBS-7sSUZKnCn5QLM&google_cver=1
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEL8neSUBS-7sSUZKnCn5QLM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3F21
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/V8TMX6ItO0t63_SgPb_cvg?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Fya5OZlE2oJNvTct6pYMA22CvC9ObV.nhA_JsA--~A

0
239 B

38ms
38ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Fya5OZlE2oJNvTct6pYMA22CvC9ObV.nhA_JsA--~A
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 21 Jul 2023 11:39:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Fya5OZlE2oJNvTct6pYMA22CvC9ObV.nhA_JsA--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3F21 70 B
264 B 34ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3F21
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=HK_qhvx_SceEZaqrvJdTyg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HK_qhvx_SceEZaqrvJdTyg

43 B
479 B

106ms
105ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HK_qhvx_SceEZaqrvJdTyg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1WMZFGDP7BW81MV5R027
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=HK_qhvx_SceEZaqrvJdTyg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3F21
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=AQd1dlkBTmWmgFKlpWY_Gg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AQd1dlkBTmWmgFKlpWY_Gg

43 B
479 B

42ms
41ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AQd1dlkBTmWmgFKlpWY_Gg

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CMDPW349P0HAN8XJ2MC1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=AQd1dlkBTmWmgFKlpWY_Gg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F21
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtDSURTMFctRy1JRkIw&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFdXgBBX8KIyTJcQQaqD_J8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtDSURTMFctRy1JRkIw&google_push=

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtDSURTMFctRy1JRkIw&google_push=

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtDSURTMFctRy1JRkIw&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F21
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4NzdkNzJiNjliNjdhYzkxYjMwMWY5NDFhYmM0M2I1ZDZjMWFmZQ&us_privacy=1---

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4NzdkNzJiNjliNjdhYzkxYjMwMWY5NDFhYmM0M2I1ZDZjMWFmZQ&us_privacy=1---

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4NzdkNzJiNjliNjdhYzkxYjMwMWY5NDFhYmM0M2I1ZDZjMWFmZQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3F21
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKCIDS0W-G-IFB0&us_privacy=1---

0
646 B

166ms
114ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKCIDS0W-G-IFB0&us_privacy=1---
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 592D1CDCDF234281AC5988B775B4CCE4 Ref B: LTSEDGE1009 Ref C: 2023-07-21T11:39:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYA/bdhWFGnb1uxQ5w08Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKCIDS0W-G-IFB0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C20C 13 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:19:13 GMT
expires: Sat, 20 Jul 2024 11:19:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01C0 783 B
536 B 45ms
45ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a85910f42aca3993c62b9458984b86e944a7f2c600c0e3cbce6e06242badbf84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lZ0rkDN5Gn16qd2kisS_7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lZ0rkDN5Gn16qd2kisS_7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:23 GMT
expires: Fri, 21 Jul 2023 11:39:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js Show response
pagead2.googlesyndication.com/bg/ Frame C20C 37 KB
14 KB 102ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6a6c2610683705572669c1a23069293ff365d9afae3034298e64f61b137f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14724
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 18:11:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01C0 0
0 125ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=739347119915225&rc=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLpua14KQ6-PcFtkoXRwugAADIUAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDxoGsQsIMisU8lRjt6y6Ww&google_cver=1

43 B
766 B

36ms
36ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDxoGsQsIMisU8lRjt6y6Ww&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDxoGsQsIMisU8lRjt6y6Ww&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C334 70 B
264 B 36ms
33ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame C334 43 B
855 B 398ms
108ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLpua14KQ6-PcFtkoXRwugAADIUAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4AB3676Q87W7EZPRE9YW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLpua14KQ6.PcFtkoXRwugAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJaynnKaTbBTwy5BjkPolbc&google_cver=1&google_hm=2

43 B
632 B

46ms
37ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJaynnKaTbBTwy5BjkPolbc&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJaynnKaTbBTwy5BjkPolbc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=76ab6422-0a47-4f72-8526-9cfff272d370

43 B
632 B

54ms
37ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=76ab6422-0a47-4f72-8526-9cfff272d370
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=76ab6422-0a47-4f72-8526-9cfff272d370
date: Fri, 21 Jul 2023 11:39:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a4fda342-4052-4fde-8873-b8aab2c27185&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
271 B

89ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a4fda342-4052-4fde-8873-b8aab2c27185&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=a4fda342-4052-4fde-8873-b8aab2c27185&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date: Fri, 21 Jul 2023 11:39:23 GMT
server: _
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
https://cm.adgrx.com/bridge.gif?AG_PID=casale
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

43 B
632 B

37ms
37ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
server: Cowboy
content-type: image/gif
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
access-control-allow-origin: *
p3p: CP="NOI OTC OTP OUR NOR"
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-5
content-length: 0
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C334
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7465697009228160066

43 B
632 B

108ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7465697009228160066
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
an-x-request-uuid: 93e7f74b-f9f1-42f7-b787-c239f2635d02
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7465697009228160066
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame C334 43 B
353 B 96ms
30ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZLpua14KQ6.PcFtkoXRwugAA%263205
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.sanook.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 54558
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ea329bfc89c35dd-LHR
content-length: 43
expires: Sat, 22 Jul 2023 11:39:23 GMT

GET
H2 200 container.html Show response
d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F6C 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307170101/pubads_impl.js?cb=31076240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:22 GMT
expires: Sat, 20 Jul 2024 11:39:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1E3E 0
16 B 76ms
74ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhiXwrfoATAB&v=APEucNUhX9apR4V1-Gca6Q0DFwG7uqDEsS9DBdzlX_m-lEQxtM4j0IW2kH3Da-D3z7Ais2IOKDyHLKj2zeosjMAUYU6qV_7hCw

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7F6C 85 KB
29 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6C 42 B
63 B 71ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdTqB94_iMZKnCL4s7ABhHo5uSRsjOBoz826WIWzGwV-zSdNxYMVU-cFofdbLGxbQMcuG680MK4VFhUK4CL0KfpjpOCbQS5bEcArGc9rtTusmhZZQ

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6C 0
20 B 71ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11611818104008488306&x=1&ct=76

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7F6C 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:08:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 07:08:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7F6C 20 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:23:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F6C 0
0 43ms
41ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4j_sbSMvS0aTUFjuyfcVc7WvMvP8FOqxXSUsRZKIDDtnH5gr_rC7vLMqwLhYZ_u2KasIq
Requested by: Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F6C 179 KB
56 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C20C 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?19l0gg
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6C 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3679530598445&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6C 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3679530598445&version=m202306200101&ct=76&x=1&cor=11611818104008489000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7F6C 77 KB
36 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DidsM51AUDJKK7jvjo4KwDT3IpdlL25xTwYFEFflqu_uk4u6oCcoZ_XU9tmYpiGiFdDR3FS52S6mgrQq7qD41_YEe5Eg&cry=1&dbm_d=AKAmf-AJ7r5xicaUxEZ1E_OUaha1QvFKlP_6GGjopY-RAkqTFkvIJ8kcFfNg5r0AxS3Mk0W2ZugogKH0VIa2RGKh3JCVaLd51qeVfoCtgxcQmo9G9M90JHNsh45WH8YPsQicL058QzGwt4tf33WUEYTto3R84sOLmmYXaHSxlakpROn5qJL2CcSzbIudewZtyuawDMpPm8C3A5_kaGOI0KTbNKwuo0oq73n0XoQMZ9yI49mpw26BhF_wHoeciJBMn7L4nSRpwXuGDr9nnN9lLj4if_w_rmTUy0jq_KtYWNbQJuS2ROlTHnbeb_f53PfqE7A67t9W8imlAMGtDBQ06cvvizyT-Ny7KzM9nr6froO2HjJGC35CZLJy9TZAEU_WHZ3IpRCe3Gw1c-yveeJKQgOW1HOHc2AZA1ZXDKDDNY5ASXoU4CR3JJ6cMqBt32WvllZoBr_J-N_nBbnjAHwfnHiyei-49rbsn3W71UXqhkqJ_t6EdVOJcYAVAmyKXDC8Syc2DzQuV2yYYZbL5ZrrOgaMfR2VX8Bqnwgl9TGYbKYGdqMLomHfAh0tODgYay6HuRSOJLBdSS0mfOmLnRqlklPjINMtXmoH1fNdDyngMrt0XZkLAn2K5-FZeliaqZnPrt733lhAhS-i8s_A8lSDgpCJYKaF1CdpnRgperatF4StGS8lqUXjP9JNJLzJALUcmaX28A1Fik0xYoi3cinFDbOAq4wFS3Fu70v_82fYxYUUFj7iVtbju7KvwxUoz836b_SZDQps5MPlUwEE0yfePmOtPOLiseWyzZ_USPhW_qFB8u4AxsnraNEHFoqVpj2vJ81oajx18e2k7j_gPG9bDxZLw6UkRbRRDbv6h4TTm6stUg_ktXJqZHC6ORo_z4rqr2DnATsngguXVdEvGE1lvUZMtxSiPh4evG3D09GxDvEmTYH7lKI2aVO2jEz534-VGBDUvmI2We6zUGBKh8CF1ysVm19h-ZPaqRXwYL_WCW7qoE8yqgJ6WpBEMbuqLFyDbWWTPafAT5t1d9xvUTvHBeuMgcbiZQwdR_Cl2Hyq4Wwq7CJpW4ghvebPaRrMZE_OLThQR7YVw633QdmtAocrLNNEHcovHsYfw8Jli3neRmhDZV3-pQn4yWWdpmUVuS40SY3CXvhNI8J9PTBc1D-qclM29Xe1Ny2JD_qoZ7vihg6GirkFfo9f8gTaKRSFUUPAPbHJw1SiMYID8g_gxBfzPy-PfzrZ3jvi-qa2tOFTHuI5T6qRFr45vodVmKR0KBzxSA3WIO4xVSfYe5mrL8CG6U8Um39DGqyjUCoMKbWYkch9P1U1HtP5mAee1COFO-k90x59xWgvkWTym0_gk53Telvfz8h41EYxomTO6aFGAYFeECLGEv8Ak3shrJZx8Ipk17pdz-6lakTAyfwHi-rWzz2XWqodUuTbMCd6bX02fQTQ2XRxWiarHxD3lpKk2GgxO1cyiJUMRPPTJQFhE8CZYOec8e-JFPUGaqcpsmepeZ6nxxz1E0BqkYkQuycY3Alo-0t8sEv1iISk1fmRszlz-huuJMOdwjChSIBe66D3G2H4lFXiy1nh61awdJCB5j-m-C96zyXxYeD4PzJeEOGmkxVdgaZ7i7dTPCEr7U-ZbhUB17X1AH93WpOPjuchWQgY8uPF2QqEE6njgZU1Ygm1WOvjYP6zNnVn0drO0YNiIzqeIrZXYDF6tZmu6qEKeSRW7ec2nnxJIvyS4IwuCOPHERNTcL31iwQMhibBbs5W-nlHQ8r0KdHpdVvV4NMlDDG8Md1ai_T1jYdvRneki0vOqNQJPHn1zt0e0sErOVdk1ZH0Kora5fEk-49pnzDN0pus3KondsXbpfpY_TtckMS45C0mEiKb-F8UZzsifLnmSKSStyhH7lWdPsCycVU9mQ65FoVGM0kaMOIPBy3w8BGAVCISbibsFrU5f7c2EYmIkSispsJ4uyfskRxq4M-HNpfPXoWDpyZy1nSZQfVWLRllJvPNijJjZkaQhfVTvc02mk0mc1UFC2O3s-IKyOf5OCoOQwvmja8AJBcPOeT7s5zurKv6Qn3vAJryg1ZHVgNl4bLk83_Zk2KXeWoDWRcUng98OaM6GYNFqnnSh0F9e_DqsyivYQDAoDRp-pgvZI6kZDooOejxTv44cudGMLomBzIGmc-oFmFVX-LpkU4cu50H1DsMBBhMKaoOajy04wTGQ1pOyi8ncr7euFtl2wjFGjZ_NoujCRIdKGoy7ec8zSmD6qkG0ncZcs6Hnmw6ehprDepLe04Sny9xg6AXi3SvtUEql1dmIE6-8rketHH9tPE-C8SAywIi41ks22eDCTf6mJQG6B-dWCv0mP56efutQ5UsUIqXXoG3l5BSh2jKsPrcDG8MolAOHR61TbuSv1MK5uqq3YnStD9Tpg2XjCKYBeEEfHTUhedLp9iZfxlXXP9FFGE9l79-xkQo3mxlKbthRwGgKZ5EBhslmxmb4-wceh4SYdtTpm_tHvebgY2kHukDgcafWLV7jyxoMecEfSHsACQx1Kq3bHYj0GwOpTv63LlNXiYdLUjBeGGCkpuOFYzSvtbbaldPU0RBAUF-nBmPEeuoZZ7QbhTuaub48zRk5GDKJ1vQ5tvLrhtE3E58ZkB5VMVgMW73jfGHsjifqIjSjSPctnT8MXPe1s-gPePCyC26MjkpE-HTStOUaqsRUwy8Viq_RU1SVOYp9Le-smtSaKp7XWuBM-cQvTr5DIpvm-JoC2Sjjp-j0uN_3JlYY8RTJ-18kJ3Vd4_zwK0_iWApSmkpWn_-n0Ls48U_D0pLssC3vZN3HJHoUtvbW1XTXATJ50Lkio8JLUty3Uh5DIX4khwgaW3FUDLyxyFA5_h5geM5-Qb0SKjfFSfOL4XNN1r_VO6vfRCDZp-Ff_r1_vtW7y5CIZHSDkFyWKNrdpeQFUebvbHR7OI1FYJXGC_HOB0QlSpzkXErylfElf3a3npWDSIyR4XOXZ6-im2ydYMOK8YvIRQ6W-hST_B4QnngzWQ38E5scyQ2475W96mixSicrubQq10usHDIOsrLD6Z1vRmMtURbmxApbJpqGQ9B-rlJq7AKzq-H2y2mO-jwRvYISxNOxmVfEq9SgHJQNnFzfmpGl7dFD_iJDXMbHb7ESAQMdxxzgga-ZpxDkqC61fBTgQDU2a2QDTfhlDdAuors1UhrY-v9le1EQLE4NehuY1y0ZaHajOiYBYT-mcTHFgxtCtxy_tv0Q7-jrU0NFRJrcAwajown7uFGKe7zCH4p-l3-7AWkrgk0mBniEJ0SMCWd6dKNrSBX1KgiCjkzl3DvSA7zn1iBhYNR_kzll9NAz2NL5XmMm7V47zLpfbT2cXb4OGQQ0GRuEqxBfZWOs2gVgvI79oecTgjSwQWckmw63CHMum4XS91_oC019IYQbf8DLhvAb-xauAJrRlDJpXon8LMN_HjOpdKsBo_Ux2mRAYCId-sPuo8HWbW0R95dLjhHWvJC7fJ0mfKGUBgfG49_6Mf1lKmU9bY8rHQ6QsnaSZXsfI0RhHeFTp9lBAIOeAaP48Fg6p2sNRHOdLggevXqkHIUG2jOj80eBZ2ODcOh_1YGGLcfPRQpmENndBVJPPjlvbBHaJL1rciyyHgcavczZmqzyYvCFuAyIkgIuH6b4wXMUikA-kTs43fPmtqg9wlejwV699zWINR953Y&cid=CAQSOwBpAlJWLjYwcSU414QO1LjaYx73t4fIDL6V0uq8tkTjRzPxTMxUrNZO4-sP66imGOeqeV5k-OvIpEJaGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11611818104008489000&adk=2265872549&idt=103&cac=0&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f934206e3b1b6dfb691d130d506169bb2fbbd1e1144d1f3258ef751d3fde993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36492
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 49ms
49ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.842499131200132

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-9m0vjL3iBlAxLc1wVVmyLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-9m0vjL3iBlAxLc1wVVmyLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 50ms
49ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.4256743460914716

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-O6RaXrbh-ypkvS1UazadZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-O6RaXrbh-ypkvS1UazadZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 116ms
48ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vGpJS9-blKgA7zuYvG_5LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vGpJS9-blKgA7zuYvG_5LA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 7F6C 30 KB
11 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DidsM51AUDJKK7jvjo4KwDT3IpdlL25xTwYFEFflqu_uk4u6oCcoZ_XU9tmYpiGiFdDR3FS52S6mgrQq7qD41_YEe5Eg&cry=1&dbm_d=AKAmf-AJ7r5xicaUxEZ1E_OUaha1QvFKlP_6GGjopY-RAkqTFkvIJ8kcFfNg5r0AxS3Mk0W2ZugogKH0VIa2RGKh3JCVaLd51qeVfoCtgxcQmo9G9M90JHNsh45WH8YPsQicL058QzGwt4tf33WUEYTto3R84sOLmmYXaHSxlakpROn5qJL2CcSzbIudewZtyuawDMpPm8C3A5_kaGOI0KTbNKwuo0oq73n0XoQMZ9yI49mpw26BhF_wHoeciJBMn7L4nSRpwXuGDr9nnN9lLj4if_w_rmTUy0jq_KtYWNbQJuS2ROlTHnbeb_f53PfqE7A67t9W8imlAMGtDBQ06cvvizyT-Ny7KzM9nr6froO2HjJGC35CZLJy9TZAEU_WHZ3IpRCe3Gw1c-yveeJKQgOW1HOHc2AZA1ZXDKDDNY5ASXoU4CR3JJ6cMqBt32WvllZoBr_J-N_nBbnjAHwfnHiyei-49rbsn3W71UXqhkqJ_t6EdVOJcYAVAmyKXDC8Syc2DzQuV2yYYZbL5ZrrOgaMfR2VX8Bqnwgl9TGYbKYGdqMLomHfAh0tODgYay6HuRSOJLBdSS0mfOmLnRqlklPjINMtXmoH1fNdDyngMrt0XZkLAn2K5-FZeliaqZnPrt733lhAhS-i8s_A8lSDgpCJYKaF1CdpnRgperatF4StGS8lqUXjP9JNJLzJALUcmaX28A1Fik0xYoi3cinFDbOAq4wFS3Fu70v_82fYxYUUFj7iVtbju7KvwxUoz836b_SZDQps5MPlUwEE0yfePmOtPOLiseWyzZ_USPhW_qFB8u4AxsnraNEHFoqVpj2vJ81oajx18e2k7j_gPG9bDxZLw6UkRbRRDbv6h4TTm6stUg_ktXJqZHC6ORo_z4rqr2DnATsngguXVdEvGE1lvUZMtxSiPh4evG3D09GxDvEmTYH7lKI2aVO2jEz534-VGBDUvmI2We6zUGBKh8CF1ysVm19h-ZPaqRXwYL_WCW7qoE8yqgJ6WpBEMbuqLFyDbWWTPafAT5t1d9xvUTvHBeuMgcbiZQwdR_Cl2Hyq4Wwq7CJpW4ghvebPaRrMZE_OLThQR7YVw633QdmtAocrLNNEHcovHsYfw8Jli3neRmhDZV3-pQn4yWWdpmUVuS40SY3CXvhNI8J9PTBc1D-qclM29Xe1Ny2JD_qoZ7vihg6GirkFfo9f8gTaKRSFUUPAPbHJw1SiMYID8g_gxBfzPy-PfzrZ3jvi-qa2tOFTHuI5T6qRFr45vodVmKR0KBzxSA3WIO4xVSfYe5mrL8CG6U8Um39DGqyjUCoMKbWYkch9P1U1HtP5mAee1COFO-k90x59xWgvkWTym0_gk53Telvfz8h41EYxomTO6aFGAYFeECLGEv8Ak3shrJZx8Ipk17pdz-6lakTAyfwHi-rWzz2XWqodUuTbMCd6bX02fQTQ2XRxWiarHxD3lpKk2GgxO1cyiJUMRPPTJQFhE8CZYOec8e-JFPUGaqcpsmepeZ6nxxz1E0BqkYkQuycY3Alo-0t8sEv1iISk1fmRszlz-huuJMOdwjChSIBe66D3G2H4lFXiy1nh61awdJCB5j-m-C96zyXxYeD4PzJeEOGmkxVdgaZ7i7dTPCEr7U-ZbhUB17X1AH93WpOPjuchWQgY8uPF2QqEE6njgZU1Ygm1WOvjYP6zNnVn0drO0YNiIzqeIrZXYDF6tZmu6qEKeSRW7ec2nnxJIvyS4IwuCOPHERNTcL31iwQMhibBbs5W-nlHQ8r0KdHpdVvV4NMlDDG8Md1ai_T1jYdvRneki0vOqNQJPHn1zt0e0sErOVdk1ZH0Kora5fEk-49pnzDN0pus3KondsXbpfpY_TtckMS45C0mEiKb-F8UZzsifLnmSKSStyhH7lWdPsCycVU9mQ65FoVGM0kaMOIPBy3w8BGAVCISbibsFrU5f7c2EYmIkSispsJ4uyfskRxq4M-HNpfPXoWDpyZy1nSZQfVWLRllJvPNijJjZkaQhfVTvc02mk0mc1UFC2O3s-IKyOf5OCoOQwvmja8AJBcPOeT7s5zurKv6Qn3vAJryg1ZHVgNl4bLk83_Zk2KXeWoDWRcUng98OaM6GYNFqnnSh0F9e_DqsyivYQDAoDRp-pgvZI6kZDooOejxTv44cudGMLomBzIGmc-oFmFVX-LpkU4cu50H1DsMBBhMKaoOajy04wTGQ1pOyi8ncr7euFtl2wjFGjZ_NoujCRIdKGoy7ec8zSmD6qkG0ncZcs6Hnmw6ehprDepLe04Sny9xg6AXi3SvtUEql1dmIE6-8rketHH9tPE-C8SAywIi41ks22eDCTf6mJQG6B-dWCv0mP56efutQ5UsUIqXXoG3l5BSh2jKsPrcDG8MolAOHR61TbuSv1MK5uqq3YnStD9Tpg2XjCKYBeEEfHTUhedLp9iZfxlXXP9FFGE9l79-xkQo3mxlKbthRwGgKZ5EBhslmxmb4-wceh4SYdtTpm_tHvebgY2kHukDgcafWLV7jyxoMecEfSHsACQx1Kq3bHYj0GwOpTv63LlNXiYdLUjBeGGCkpuOFYzSvtbbaldPU0RBAUF-nBmPEeuoZZ7QbhTuaub48zRk5GDKJ1vQ5tvLrhtE3E58ZkB5VMVgMW73jfGHsjifqIjSjSPctnT8MXPe1s-gPePCyC26MjkpE-HTStOUaqsRUwy8Viq_RU1SVOYp9Le-smtSaKp7XWuBM-cQvTr5DIpvm-JoC2Sjjp-j0uN_3JlYY8RTJ-18kJ3Vd4_zwK0_iWApSmkpWn_-n0Ls48U_D0pLssC3vZN3HJHoUtvbW1XTXATJ50Lkio8JLUty3Uh5DIX4khwgaW3FUDLyxyFA5_h5geM5-Qb0SKjfFSfOL4XNN1r_VO6vfRCDZp-Ff_r1_vtW7y5CIZHSDkFyWKNrdpeQFUebvbHR7OI1FYJXGC_HOB0QlSpzkXErylfElf3a3npWDSIyR4XOXZ6-im2ydYMOK8YvIRQ6W-hST_B4QnngzWQ38E5scyQ2475W96mixSicrubQq10usHDIOsrLD6Z1vRmMtURbmxApbJpqGQ9B-rlJq7AKzq-H2y2mO-jwRvYISxNOxmVfEq9SgHJQNnFzfmpGl7dFD_iJDXMbHb7ESAQMdxxzgga-ZpxDkqC61fBTgQDU2a2QDTfhlDdAuors1UhrY-v9le1EQLE4NehuY1y0ZaHajOiYBYT-mcTHFgxtCtxy_tv0Q7-jrU0NFRJrcAwajown7uFGKe7zCH4p-l3-7AWkrgk0mBniEJ0SMCWd6dKNrSBX1KgiCjkzl3DvSA7zn1iBhYNR_kzll9NAz2NL5XmMm7V47zLpfbT2cXb4OGQQ0GRuEqxBfZWOs2gVgvI79oecTgjSwQWckmw63CHMum4XS91_oC019IYQbf8DLhvAb-xauAJrRlDJpXon8LMN_HjOpdKsBo_Ux2mRAYCId-sPuo8HWbW0R95dLjhHWvJC7fJ0mfKGUBgfG49_6Mf1lKmU9bY8rHQ6QsnaSZXsfI0RhHeFTp9lBAIOeAaP48Fg6p2sNRHOdLggevXqkHIUG2jOj80eBZ2ODcOh_1YGGLcfPRQpmENndBVJPPjlvbBHaJL1rciyyHgcavczZmqzyYvCFuAyIkgIuH6b4wXMUikA-kTs43fPmtqg9wlejwV699zWINR953Y&cid=CAQSOwBpAlJWLjYwcSU414QO1LjaYx73t4fIDL6V0uq8tkTjRzPxTMxUrNZO4-sP66imGOeqeV5k-OvIpEJaGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.sanook.com%2F&ds=l&xdt=1&iif=1&cor=11611818104008489000&adk=2265872549&idt=103&cac=0&dtd=81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 17:48:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 7F6C 11 KB
4 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 00:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 00:01:29 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F6C 0
0 175ms
81ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ISIwI9Wh5RitneZ1YSTEKAIJqaR8SQ8STKvZ8vH-SczYNfwwCmxGzRw4_84on7w41qF9tnlcTgkxdk7Oqvbyw02tHEaJjyDvCkv1aFxrKV-pmp5pDCFBZcyHsCfm58YtZs8a5t3xPOW9HvfcQdr3p9U73Z3sOLG69HlrGcRV3u2eoh2kmKkNNW2VCbjQC8p7nFHlVjtQPVr208_DjaO7oiXimia799hi89E2SZFirbhfMPIzsF4YXnPt_hQvlnVaD7TaquisxR3MAC7z2pH28kH0NGlGA3XIxmhynSXRq7MoY8a9YCVRJqrZ1r86D0SswXwrTWXq0JufUzZZNj0F18GyEAYvRjohRGlNWtk6sUomaSzzmUgIlpszXDrtm8aUAA1RnQkd7ppfT4UdHdUuqhrH4ezyHHJWRxkVUVIC1NOI19uQX6keGTVjFVLhvkbC_7HyRIayBTX3FxxIj2Hjd3_Qm4hOsIjY1tR4DrSxJeSsibbEVsP3Tk8chPeluNTJhttp0VmFxwxz8dbac4nxjiX6sB1eXMYywneUjKZUKelKl5zlocDGuyPMd4GY1uuyPM6pbBcXTurxJCM0YdVhws7VLFsMQsaMZjeNcHgyvDXNRutaJVKoHeLA_836InA6nfTgKmVDqgc7FeT123ctc5IrtxUhRhZYPi5eT0E-4rBbxmcFKr_TwHsslIHnGpn215GCdgzD-cnuXolzRvvi7YhcWsrJUchlMRHxMefCghynD0dLMBXrTsBOMBGzAQBbgvlifmnjRBHwQOPz1BmUQvL4u04oWCATpSN7eB0XdT04OFWaXi4isUJipRbKRDFGHopSoFm03cerH43gwJZjQMAsSP7XSZRp8f87n95Hrqd-44-G5OsxTW2DlI_ai8edHbEaI14QxlLmGQN5XRGuhjbZ-qkbLYXRXYVOwMXtdvgP_10gKXBN4SC9sYVkvFOA9bjdlb91bMN6YnOuMLcwwgHmxgreU7ptjY5pKYo9RZ14RzyLeHI-TjZ8QIr5ZxMBSnPcfvSrTw1Q5pEl-KbRGppitWFth9uavagIMyO6-5TrEV1F5G1lbqM-yJk3oU7YBO23C8lFaA5iPNwzK-vAbE6AE8_4w2KhGfJAjS9jX3ykPy11sBPA2tfxuPYJmfgjHVTo7p7tB9v4uoOdFJrkJ9C318iAtEFDDfPfhGK-LkiUBodPTA47HV2UKXFYQWNYBPmir2BH&sai=AMfl-YRkaYNY9c7N9ZDo7SM04rw_L4p1C-YZRrovzcYevt71sBoW3BVKDiWh71hKu9qmSYJIxDWKmbgQWyzgUW2ND8ZVUqiXPxbHszQSgJOH1rpO-OxTUtG_mnTc8KtdFz6KjuE73Lpcp6L2A_PsO-azyy6BH7VA7KebGtqca582A5h6rsxaR6KdidrUyW5jTFjpR8-a7cTg3D-acdyYrX_mopGRpWo_n2s-XqZudJrFGA5CzUrcGsaZS3ajhvQ17rUob38R&sig=Cg0ArKJSzDujVISziUEPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230719.56237&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 11:39:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Jul 2023 11:39:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7F6C 41 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 01:53:14 GMT

GET
H2 200 11562038726807119902
s0.2mdn.net/simgad/ Frame 7F6C 126 KB
127 KB 151ms
35ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11562038726807119902

Requested by

Host: d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
URL: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e6b679072f28ceeb963c1cb0a7d1808526feb6963ad2b4f9989ff789061c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 15:29:37 GMT
x-content-type-options: nosniff
age: 158986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129098
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 09:25:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 15:29:37 GMT

GET
DATA 200
OK truncated
/ Frame 7F6C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6b89f28ff4ba3df1cd623a76e1aa60a2a157357940d5a5faccb1a3a7f81e7d8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0527 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 4216 0
0

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 75ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:23 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15283"
vary: Accept-Encoding
x-hw: 1689939563.dop107.lo4.t,1689939563.cds278.lo4.hn,1689939563.cds318.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 197 B
411 B 582ms
514ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d3edd1cdf6fcb7273d035f0d6a093cc21e6936edde3a6051068396d9b4d94e9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"c5-Y8Mjm6LzvZJJ1bik+lJeUtrrzpc"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7ea329c26f8a23b1-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 244 KB
60 KB 131ms
42ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9245d86e1586ee1fefb870e532047ee807be7de4b20bde5bacda824a2b44a5cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:30:55 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 19:22:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 509
x-amz-server-side-encryption: AES256
etag: W/"868a4a1644a2d6e7983bf0f25513950a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 0uObKPmcBLdWKSRWFyQJNhNSHCMuG-wXyMwgPumh6LF3qlO0Nu-MRg==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CCBF 22 KB
8 KB 33ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 10:53:29 GMT
expires: Sat, 20 Jul 2024 10:53:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js Show response
pagead2.googlesyndication.com/bg/ Frame CCBF 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6a6c2610683705572669c1a23069293ff365d9afae3034298e64f61b137f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14724
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 18:11:10 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/ 14 KB
6 KB 149ms
35ms Script
application/javascript 2600:9000:2491:0:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:23:34 GMT
x-amz-version-id: 3wlo9N6o9lHB.lru6pVKCS1egaNY6Ajt
content-encoding: br
last-modified: Mon, 27 Mar 2023 06:19:38 GMT
server: AmazonS3
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 951
x-amz-cf-id: pmQvA1ThA9Ru6qD8qSms3xrLyHEG7aeAIiHhd3CfD8nmfXXjkJxbDA==

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 86ms
25ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
age: 722
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E77B 0
594 B 42ms
42ms Script
text/html 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
an-x-request-uuid: 17437de9-2bc8-440c-b40a-7d8c1ec3a626
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 88ms
30ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 187581
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
372 B 32ms
31ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1&lsw=1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 252831
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
543 B 35ms
35ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 152 B
822 B 141ms
52ms XHR
application/json 52.31.235.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.235.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-235-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f955b0f541d06b588b4449255383d7cebea1781ae2f97139ef979432bb0fea1d

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache
x-server: 10.45.19.138
access-control-allow-credentials: true
content-length: 152
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 34ms
34ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0e1da213d54c1103512acc870919870909f8d4432cd6564b782b3fbcae86e36c

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 20 Aug 2023 11:39:25 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
181 B 117ms
29ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 140ms
53ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CAE9 0
260 B 103ms
24ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 142ms
58ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 141ms
58ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
93 B 140ms
59ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=155976
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.sanook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D177 3 KB
3 KB 30ms
29ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56597483&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: d99a7d1e9b3c94f6e6a89d039a4dab2e9a6c6467f5092f79a9ac603026a33db9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CAE9 3 KB
3 KB 30ms
30ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=806563&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: d99a7d1e9b3c94f6e6a89d039a4dab2e9a6c6467f5092f79a9ac603026a33db9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7F6C 0
0 72ms
72ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ISIwI9Wh5RitneZ1YSTEKAIJqaR8SQ8STKvZ8vH-SczYNfwwCmxGzRw4_84on7w41qF9tnlcTgkxdk7Oqvbyw02tHEaJjyDvCkv1aFxrKV-pmp5pDCFBZcyHsCfm58YtZs8a5t3xPOW9HvfcQdr3p9U73Z3sOLG69HlrGcRV3u2eoh2kmKkNNW2VCbjQC8p7nFHlVjtQPVr208_DjaO7oiXimia799hi89E2SZFirbhfMPIzsF4YXnPt_hQvlnVaD7TaquisxR3MAC7z2pH28kH0NGlGA3XIxmhynSXRq7MoY8a9YCVRJqrZ1r86D0SswXwrTWXq0JufUzZZNj0F18GyEAYvRjohRGlNWtk6sUomaSzzmUgIlpszXDrtm8aUAA1RnQkd7ppfT4UdHdUuqhrH4ezyHHJWRxkVUVIC1NOI19uQX6keGTVjFVLhvkbC_7HyRIayBTX3FxxIj2Hjd3_Qm4hOsIjY1tR4DrSxJeSsibbEVsP3Tk8chPeluNTJhttp0VmFxwxz8dbac4nxjiX6sB1eXMYywneUjKZUKelKl5zlocDGuyPMd4GY1uuyPM6pbBcXTurxJCM0YdVhws7VLFsMQsaMZjeNcHgyvDXNRutaJVKoHeLA_836InA6nfTgKmVDqgc7FeT123ctc5IrtxUhRhZYPi5eT0E-4rBbxmcFKr_TwHsslIHnGpn215GCdgzD-cnuXolzRvvi7YhcWsrJUchlMRHxMefCghynD0dLMBXrTsBOMBGzAQBbgvlifmnjRBHwQOPz1BmUQvL4u04oWCATpSN7eB0XdT04OFWaXi4isUJipRbKRDFGHopSoFm03cerH43gwJZjQMAsSP7XSZRp8f87n95Hrqd-44-G5OsxTW2DlI_ai8edHbEaI14QxlLmGQN5XRGuhjbZ-qkbLYXRXYVOwMXtdvgP_10gKXBN4SC9sYVkvFOA9bjdlb91bMN6YnOuMLcwwgHmxgreU7ptjY5pKYo9RZ14RzyLeHI-TjZ8QIr5ZxMBSnPcfvSrTw1Q5pEl-KbRGppitWFth9uavagIMyO6-5TrEV1F5G1lbqM-yJk3oU7YBO23C8lFaA5iPNwzK-vAbE6AE8_4w2KhGfJAjS9jX3ykPy11sBPA2tfxuPYJmfgjHVTo7p7tB9v4uoOdFJrkJ9C318iAtEFDDfPfhGK-LkiUBodPTA47HV2UKXFYQWNYBPmir2BH&sai=AMfl-YRkaYNY9c7N9ZDo7SM04rw_L4p1C-YZRrovzcYevt71sBoW3BVKDiWh71hKu9qmSYJIxDWKmbgQWyzgUW2ND8ZVUqiXPxbHszQSgJOH1rpO-OxTUtG_mnTc8KtdFz6KjuE73Lpcp6L2A_PsO-azyy6BH7VA7KebGtqca582A5h6rsxaR6KdidrUyW5jTFjpR8-a7cTg3D-acdyYrX_mopGRpWo_n2s-XqZudJrFGA5CzUrcGsaZS3ajhvQ17rUob38R&sig=Cg0ArKJSzDujVISziUEPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1574&vt=11&dtpt=1573&dett=2&cstd=0&cisv=r20230719.56237&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 11:39:25 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/ 487 KB
143 KB 43ms
43ms Script
text/javascript 2600:9000:2491:0:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 726b58f8fca916e3c4efa0afa7e16f271dda6ef58ab77c6b57d5aef8181da807

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:23:28 GMT
x-amz-version-id: onjIUxed5HlOewBnvviC_zt.HNByo1UB
content-encoding: br
last-modified: Fri, 21 Jul 2023 11:04:56 GMT
server: AmazonS3
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"8b071862dfd99cca6e5b99423b237c0c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 958
x-amz-cf-id: mcEEmfb5xTHahNYx1XFteSG6b9uZVoVExS5NA1ct7QZ8_aqxIadxRw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 486 B
841 B 39ms
38ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sanook.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: f39a2c7f7532d8fc427e96438ad41aa48b6b57d81b1fe494e0288845216589b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 08:10:10 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 12555
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 486
x-amz-cf-id: wDlmo6-BCoX68e4sC3pgOmH4yt6J2YrBytFdSofIgsPAm5ghHTrCEA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
34ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
date: Fri, 21 Jul 2023 03:15:32 GMT
x-amz-cf-pop: FRA56-P3
age: 30643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OE_JfiwuawutoXMrg-G28M-YpAnFjHGFV8TOX5Auxme6XiVuuz1rgw==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 118ms
34ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

87dd7c8c26e65d03ebad026973400187c613d1f7d6bdc0e9a2c2e16fdd991b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame D3CD 35 B
600 B 47ms
47ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame A134
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
227 B

103ms
103ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACedcupgAN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600044-LCY
x-timer: S1689939566.569290,VS0,VE82

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACedcupgAN
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600044-LCY
x-timer: S1689939565.467054,VS0,VE81

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 900D
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

22ms
21ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 163C
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

42 B
323 B

25ms
25ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-5

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 1E8D 43 B
277 B 225ms
62ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 21 Jul 2023 11:39:25 GMT
Vary: Accept-Encoding
X-adserver-worker: komodo-ff69ae52fd23@version_1.564
X-core-time: 0ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 2C77 43 B
369 B 93ms
27ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5A25
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mh2ampfceqsu

42 B
229 B

30ms
29ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mh2ampfceqsu
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=mh2ampfceqsu
lws: 90
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C41E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
403 B

748ms
729ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ea329cd5ff17193-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ea329cc2e6d7193-LHR
content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2931

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2AB1
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

42 B
322 B

22ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8740
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

42 B
283 B

31ms
31ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 46D5 0
0 137ms
41ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 21 Jul 2023 11:39:25 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 666D
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=

1 B
53 B

24ms
24ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 20 Jul 2023 11:39:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A888
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689939565475
https://ad.turn.com/r/cs?pid=45&rndcb=3010559829
https://sync.1rx.io/usersync/turn/2569436704448451549?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003

42 B
254 B

23ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
etag: RXe1591f7510654b7cadde0e2c5e00113d003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2 200 mw
mwzeom.zeotap.com/ Frame D177 95 B
439 B 95ms
45ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=61333963-E834-44F8-B30A-B1FF9512E3D3

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7ea329cc1d71385f-LHR
access-control-allow-headers: *
content-length: 95

GET

info
uipus.semasio.net/pubmatic/1/ Frame D177
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=
https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D177
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=7e63be29b9ef4780/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=f17476bdc49862ae
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b299f0ac15e5&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOEvhg4OUJrWBGKIkWF9rhc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b29...

95 B
154 B

36ms
36ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEOEvhg4OUJrWBGKIkWF9rhc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b299f0ac15e5&zcluid=f17476bdc49862ae&zdid=1332

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7ea329ce189f385f-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOEvhg4OUJrWBGKIkWF9rhc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9544c3b4-e0b7-4434-591a-d05589ffc835&reqId=77609f1c-2a64-44d8-7e63-b299f0ac15e5&zcluid=f17476bdc49862ae&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D177 0
187 B 110ms
28ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D177
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:81654084-ad24-4467-baaf-23b33c691072&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

22ms
22ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:81654084-ad24-4467-baaf-23b33c691072&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:81654084-ad24-4467-baaf-23b33c691072&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 21 Jul 2023 11:39:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D177
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066

42 B
95 B

24ms
23ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
an-x-request-uuid: ed844074-31b9-4a32-9077-0501e5557a0c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame CAE9 95 B
235 B 95ms
47ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=61333963-E834-44F8-B30A-B1FF9512E3D3

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7ea329cc1d72385f-LHR
access-control-allow-headers: *
content-length: 95

GET

info
uipus.semasio.net/pubmatic/1/ Frame CAE9
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=
https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

0
0

GET
H2

200

52799
stags.bluekai.com/site/ Frame CAE9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e541ee83906507e4c0ddcd5ad9da3c07&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=9657d1d21dcbbbad

62 B
218 B

298ms
201ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/52799?id=9657d1d21dcbbbad
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 21 Jul 2023 11:39:26 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/52799?id=9657d1d21dcbbbad
content-length: 0

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame FD47 35 B
600 B 48ms
47ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame A073
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

102ms
102ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACe5EujgAN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600044-LCY
x-timer: S1689939566.567800,VS0,VE81

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLpubQACe5EujgAN
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy-eglc8600044-LCY
x-timer: S1689939565.467157,VS0,VE78

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame CAE9 0
187 B 107ms
28ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:24 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2ED5
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
74 B

22ms
22ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d24daff9-041d-45cd-a86c-8e6468dec0da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

22ms
22ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d24daff9-041d-45cd-a86c-8e6468dec0da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:d24daff9-041d-45cd-a86c-8e6468dec0da&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 21 Jul 2023 11:39:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2715
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f

42 B
323 B

23ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-5

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame E377 43 B
277 B 221ms
65ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 21 Jul 2023 11:39:25 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-312abb192f92@version_1.564
X-core-time: 1ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame CA38 43 B
203 B 81ms
28ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 21 Jul 2023 11:39:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8B1C
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=tphgy09bj201

42 B
229 B

30ms
29ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=tphgy09bj201
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=tphgy09bj201
lws: 38
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame AB85
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
449 B

689ms
672ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ea329cd5ff57193-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ea329cc2e707193-LHR
content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 1207

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0873
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=

42 B
97 B

22ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 21 Jul 2023 11:39:24 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=61333963-E834-44F8-B30A-B1FF9512E3D3&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 061C
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=98e1c1f9e973d5f3aedc201d53917156&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

42 B
282 B

30ms
30ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMbTWTUhQjWRSUXgn&gdpr=0&gdpr_consent=

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CAE9
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066

42 B
95 B

25ms
24ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
an-x-request-uuid: 9af846d9-e3b1-49e1-b105-8a779241f4f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7465697009228160066
x-proxy-origin: 5.187.21.105; 5.187.21.105; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame E1A5 0
0 133ms
46ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Fri, 21 Jul 2023 11:39:25 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8D53
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=

1 B
53 B

30ms
20ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 21 Jul 2023 11:39:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
expires: Thu, 20 Jul 2023 11:39:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:52C98EC123694773A833673AA6F9E05A&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8EB2
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1689939565475
https://ad.turn.com/r/cs?pid=45&rndcb=6232962119
https://sync.1rx.io/usersync/turn/2569436704448451549?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003

42 B
254 B

23ms
22ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 21 Jul 2023 11:39:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Fri, 21 Jul 2023 11:39:25 GMT
etag: RXe1591f7510654b7cadde0e2c5e00113d003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 35ms
34ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 0AJ4W23ZKD15EXAC
age: 657
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ea329cbebd575a1-LHR
x-amz-id-2: kIm5wbOobafhtX8LRDBuWQHvKAnWJKFynbX9x/ar8wYBhG7RIJ0UZDIiYHW9oEwr9hpbLfTSBi0=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 95ms
95ms XHR
text/plain 34.228.182.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.182.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-182-143.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 21 Jul 2023 11:39:25 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 298ms
95ms Preflight 34.228.182.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.182.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-182-143.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sanook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 21 Jul 2023 11:39:25 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200 617.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 104ms
36ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/617.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

776cb78c04fe199cff6109f991b88ac00aafef52bc7dcc904284e42edbe33ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
401 B 41ms
40ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

00ba14b8d14bfe3b23904417ace5042c5cc2fa6689b5b103bcc65495db4568c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sanook.com
date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBF 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtVFYa266ZP7nKrS5x_APsK6fsAYAAAAAOAHgBAI&bg=!UVKlUgbNAAZsPphkTD47ADkAdvg8WpixTz2cKaKrfxOWdG3EoRV617mzat7QfNV9Q7_oNRnCI3y1ywPZRGznVqnlhvzH0GYHWNwCAAAAm1IAAAAHaAEHmQNHM_Nhxqn8D7FlT0azLwmY6UpCFKlDItLJE8HSWLyAnA0Re7C3UOR4rYRQ3jT_7vzlgR_vKqwrhxEFVbanRADjA5K0s-2qH1SmttfN6qVE8DKO_KWsRSxKb5Tqs6fMchjOFWznAgbCyXplNPxoO3t79NaRnufXZyui-GJ_jypRwh_67SLwZ2j_BxCsKlwJyTrM5BORbgDWv--bRdFTxXe_1_ouCEoZyOlfMIolw3wiCz27kO-t-dvyvTwOVyvsSFl00xo9yx64W12BExCTUkGShmi3zBDujAp3c7CUgEKSaKxYI7FHMjO66BYPVxyK2K9qDLmF-dRLWa78O0nCplqLBNWVY25zSF02xUhPbpWbZNj_NWm1-04rsQ7h3470JnNZ-aQLnBO_hcwokc2Zobm5ql8oCT37W_Ln6I2Ut6cwfmWC1w42oBMRfkkL1O-nLLOSyfXBVtzLCC-O8rqDTlSzE9cigOi_51xR7i1zTielJgjcjXEaGYCHz2rNMqYlRoBKYGCIp8SveTQ_n9grudsYf_L6jWXOXO4fQe_KjyhUXyiRRBY3mP1Eji9-uhuTgrioYVedZTyok7dKAwcAjeiMqYLwikvTV2rY9_jabkwiCEydOnBqlu4llLhh34BZNIRPb-TxvMs0ojhulGiVW7IjBfIKa0YeWvwxd4OF3_ljOw0qOUl3BsW2M-AOw9ocP9Lfo8pN-7Hkoo4mqVnRvIx3CaMaIx9qJrtTmrgXv06TBhRv_zw7BuPzW-jCTEr9DoRGDS7y4e81j_XK8P8GmhqLLA8HXxiG8oxyFj_1MXESVuItxpWirfbSxi0IbJ6doBBdb3lORNmaX5gwmut_zki7qB-val0QKDTzNrFPr_OGsvGQidt4lh9I4IHKkpMXaesbQI-ocyizmRqufLYEP0BBY_yRq1EWaASgTckjZ5fGEkGjMY5v4hBUF93F5l3fLif-ZXYHXBiVObTVVjk9EtQ8bABC9ApGqUfogznPV7yp85eFqxsyKLkVK-nXP8y2AhTQx5I_Qr3SexYlE340DMQSb-5lZW9_Ok0xF-aMeZGaisXGnoMt4bt1z5ob3iLnGrnQCM9DKuZsAEVy3FAqj60u8OyULVpSD2I

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 984.json Show response
id5-sync.com/g/v2/ 600 B
1 KB 87ms
40ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/984.json

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

21e4dbdbb7e3cdc5fa870a867f7c497c85048a9f6922a057452d9772b8b241d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.sanook.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://id5-sync.com/i/984/8.gif?id5id=ID5*daQUwWEsik_QwpLLP6a-gtypczqJ_Pn8HZzVMDF4ho1Wslq-PZQGHIT1kpVj2m-vVrOkK1kVyNfC1SMmnlHASg&o=api&gdpr_consent=undefined&gdpr=false
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-040bJLyu7JVStmh6NpohmTlXmcxs3V9YDPGTdOiiLg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F984%2F3%2F7%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/984/3/7/2.gif?puid=b42864ba-6e6d-4900-b9a0-bc205d39367d&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

34ms
34ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Jul 2023 11:39:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
date: Fri, 21 Jul 2023 11:39:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3 200 advert33. Show response
fundingchoicesmessages.google.com/f/AGSKWxWXtgY_DQ_p1CIuHuXMEBYyAkITG1JVfiUt9xKZWddCIBoM9KZLLR8VLIZ2Kajr96NGcNkGf-1yNBat_LPTTgo3TQ7B0R9FplF_I5eNoFBY_fWf7WXz4EHFu4zbQDWIKY4LMFwJ_LzgZYHPKeAG2BcAAaw6h... 54 B
109 B 64ms
64ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWXtgY_DQ_p1CIuHuXMEBYyAkITG1JVfiUt9xKZWddCIBoM9KZLLR8VLIZ2Kajr96NGcNkGf-1yNBat_LPTTgo3TQ7B0R9FplF_I5eNoFBY_fWf7WXz4EHFu4zbQDWIKY4LMFwJ_LzgZYHPKeAG2BcAAaw6hQKjXzefa33_nyI8-r3i9dFxFcgEqWFh/_/PageBottomAD./adleaderboardtop._gallery_ads./gourmetads-/advert33.

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38bb1c467ced03bac525d633d19adacae5b4e4e314507926eecc6f0598b55eb9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2p9zsNeXWaw2vVKqul4yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2p9zsNeXWaw2vVKqul4yOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 12:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 12:30:24 GMT

POST
H3 204 AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8sIgkqVq6YAjmeLP03bmbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8sIgkqVq6YAjmeLP03bmbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 49ms
49ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1UUZi2_cj32XHU9UC8cLfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1UUZi2_cj32XHU9UC8cLfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 46ms
46ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_dC-RKfAbrH1hKkjBQVk8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_dC-RKfAbrH1hKkjBQVk8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 47ms
47ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXVUoMgP7zvKZuTtNL6PTps1TBRWqiiselfSu0Pl7j7J3i4y09D7YxFeBuqC9mt-0ikPnx6CurGg48arbbmdvcrbeeu3Tr6mJjW44-wdFHPd40MXEXVFu9qM4PlKBbnhjuvo5K_gw==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BOGiVen1qP5PJwQJsEnq0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BOGiVen1qP5PJwQJsEnq0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.sanook.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUa8uU51PJ_aTScYfPITaIOLrht3ER-ZBl9LVQ1gTjRihF0uNi_Jjmwp4_4tsoNIyrZ8wdaqlOp3i5IcMeY8Wmv5vGNDlN_6HfZO-VPsK8MMYc1WURUdoK8ttMMzWDNyxsYJ2lnwQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUa8uU51PJ_aTScYfPITaIOLrht3ER-ZBl9LVQ1gTjRihF0uNi_Jjmwp4_4tsoNIyrZ8wdaqlOp3i5IcMeY8Wmv5vGNDlN_6HfZO-VPsK8MMYc1WURUdoK8ttMMzWDNyxsYJ2lnwQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5OTM5NTY1LDg4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnNhbm9vay5jb20vIixudWxsLFtbOCwibUtGcmh0cW1SY2siXSxbOSwiZW4tR0IiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ea76c15b35c07b2699cdac2510aa3c9d57af688f0c26ae140c9e4bea481d848

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NuDyxgo7fGrR01V8lWK4oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NuDyxgo7fGrR01V8lWK4oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXlPQ1euDvQ8NoEfSrNVz-eeveYuUxN2QIdDCkP897MRNZLQRfLtrGTaBHf-Th2O3BpGjoop0Gnzw-DawDMtmqPJVW9vQsd1qTfp0wEDOqVhlpYccbmTUbb6UbBqWGJBkwkH7VaQQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 157ms
156ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXlPQ1euDvQ8NoEfSrNVz-eeveYuUxN2QIdDCkP897MRNZLQRfLtrGTaBHf-Th2O3BpGjoop0Gnzw-DawDMtmqPJVW9vQsd1qTfp0wEDOqVhlpYccbmTUbb6UbBqWGJBkwkH7VaQQ==

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Eazk2cct56hzcfuJIoGbew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Jul 2023 11:39:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-Eazk2cct56hzcfuJIoGbew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.sanook.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F6C 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3679530598445&version=m202306200101&ct=76&x=1&cor=11611818104008489000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F6C 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyY3pUOV8lkyLpHcZtM-scTpejCAlCFDr_h-X_XFFLQNB4ebovIQH2a0h0ufaKYdR8umhDC3F6ptCmoXft_mMqO3qp1BXEoCck9sKp95MaaAo4dPN2mDwON5-F6wTgUYuk3JVU7ngKQXca&sai=AMfl-YS8d_mEjfmykFxmeeMx7WmlnX9YATilaGsa-KHpJmD3mGHm_FOdqt0-OaIM-Sa0j-lzS9806ZoUaOhhxoxB3Wu9Vg8OOK04dIG8nvDsjRlbJyWNt14V7BIoIYM&sig=Cg0ArKJSzKOGI1hBnp5VEAE&cid=CAQSOwBpAlJWLjYwcSU414QO1LjaYx73t4fIDL6V0uq8tkTjRzPxTMxUrNZO4-sP66imGOeqeV5k-OvIpEJaGAE&id=lidar2&mcvt=1000&p=861,1033,1111,1333&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4033539290&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689939563430&rpt=1909&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 11:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prebid-custom.js Show response
rtbpass-us.andbeyond.media/ 579 KB
176 KB 316ms
24ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 05:05:05 GMT
ETag: "1662959105"
X-HW: 1689939566.dop241.lo4.t,1689939566.cds056.lo4.shn,1689939566.dop241.lo4.t,1689939566.cds315.lo4.c
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=22419840
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 180108

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
3 KB 142ms
36ms XHR
text/html 2600:9000:236e:8000:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: www.sanook.com
URL: https://www.sanook.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:8000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer: https://www.sanook.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date: Fri, 21 Jul 2023 06:18:57 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 19230
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: Zb6ci2-3nAmorshjIu62KMFn-NJBJN3aikHlP60_IoNoKy9SLNR5yQ==

GET
H2 200 tgframe.html Show response
cdn.taboola.com/webpush/ Frame 7295 530 B
742 B 193ms
192ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/webpush/tgframe.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

abp: 66
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: private,max-age=14400
content-encoding: gzip
content-length: 290
content-type: text/html
date: Fri, 21 Jul 2023 11:39:26 GMT
etag: "279913f0b9685fbf713832b8a94e8140"
last-modified: Tue, 25 May 2021 10:44:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: 7/2MRj7Yz3Px+KjqdzNfvS63dkNyYe3UU0FKcsUeQ7cAyzMuRetInEYCxkS7TFgVSrctqiwMwDI=
x-amz-replication-status: COMPLETED
x-amz-request-id: CS29MM913K4ANMZZ
x-amz-version-id: eCJpg3h26Rvju2v48GlDAqZa5i1cGp21
x-cache: HIT
x-cache-hits: 14
x-served-by: cache-lcy-eglc8600077-LCY
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689939567.825235,VS0,VE171

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
10 KB 82ms
23ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1071.min.js

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 varnish
date: Fri, 21 Jul 2023 11:39:26 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2HP8HRTAQJMKJH7B
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9494
x-amz-id-2: t5/yL6+iKm00KaniqWGGRobmHEhFikuC+/xfjPipp3rzVmuy4AoqUgaQWr4oq0mpFN4UPbT+t+8=
x-served-by: cache-lcy-eglc8600072-LCY
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1689939567.885902,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1250

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 82ms
81ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307170101&st=env

Requested by

Host: www.sanook.com
URL: https://www.sanook.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6216e1876d6e4f68be0010735d5697fba788b6f069d36d4ed889d47d620def23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11873
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 11:39:26 GMT

GET
H/1.1 200
OK 8f062114d3 Show response
bam.nr-data.net/1/ 57 B
555 B 335ms
229ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=10201&ref=https://www.sanook.com/&be=2955&fe=10111&dc=4639&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1689939556703,%22n%22:0,%22f%22:2304,%22dn%22:2305,%22dne%22:2305,%22c%22:2305,%22s%22:2504,%22ce%22:2707,%22rq%22:2707,%22rp%22:2926,%22rpe%22:3126,%22dl%22:2928,%22di%22:3139,%22ds%22:4639,%22de%22:4641,%22dc%22:10110,%22l%22:10111,%22le%22:10114%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 11:39:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=iso-8859-1
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7ea329d5ef6b7198-LHR
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E8E 13 KB
5 KB 34ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:19:13 GMT
expires: Sat, 20 Jul 2024 11:19:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A81 783 B
536 B 44ms
43ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8cb021ad9e462e75ef9bf7ad22ee919220c637cc67352cfe020135f475720e5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3yelU6PCnXzCujkWczMOHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sanook.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3yelU6PCnXzCujkWczMOHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 11:39:26 GMT
expires: Fri, 21 Jul 2023 11:39:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E8E 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y2psJhBoNwVXJmnBojBpKT_zZdmvrjA0KY5k9hsTf1o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6a6c2610683705572669c1a23069293ff365d9afae3034298e64f61b137f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 18:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14724
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 18:11:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A81 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307170101&jk=3309895412250454&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E8E 0
10 B 33ms
32ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5l_F2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D177 0
128 B 22ms
22ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame CAE9 0
128 B 23ms
22ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:39:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307170101&jk=3309895412250454&bg=!VFelVwPNAAZsPphkTD47ADkAdvg8WjlI9Mox8yMVXUI3e4uScba84NfzMWPXTvMFSmPJGz6rg3r6YkKNJ0zwa2RaeMtqreY1fLQCAAAASFIAAAAIaAEHmQL0yoB-Y38bsCnGyo0hv29prOKk2mDoUSlJdgr90MUAU80m5plBvkdvcSTXS4AHWcThoUrdi828SZG2ST5I0yZurZAe486jIMCLYBfHmuEWeLVuH4ew4QxN6KbLRpwjkm-WCy1YDI13puQk3pZgLL_vVUmDYd1J7zto4MnKflEPKe3G52ruW0FQSyAD4VX7lxSbw6_dJfXIMfghNOaiJw1VQzU61Rj5J0Q3XwhS4s0oKiTBEBaGbl389aEcpBOYrniQQ211I83c_OJ4Pg8vThAUvoaCu2IzAsZRaVc5R6CKmVDpOI-fbnYr2eXU1CxBlO22Z-xlvumkOFIQS46FgcX6a3WoB_m--DHcsMW8SjCBqCsW7baV1sB6M3q0AanMHMY717_rDv6wFwwn2vYXwYjPL50ZuE4STTNmfyZn_JV5TCsexN50RUyskxVStibxnPnd5E2T2U5G92Ra72ATtCmGcUPLae8_-Eher6falBlrYuqe9zGQXCix-bI9az0RnosP3mhJSpn0UmjC2O78fHHjGS0oy7jOT2WZE40h3oPGFQM3XgYJ1ESPjUbqhF7WKrKyTqKD7FTiH1o559ULx0meXK2cLu82hlP4i11pchdNvefjcW24513rh1Uo8H9Cs889lFQK6cwLGCXHrn-SlRx4Og3Eyt4XnPb-O6BPhS-e9lvW-9s34sWW51nzdN9fNr3GwbDonXOCF_Um71PEO5OcW6ckN9HVtdCmFZlCRwmZHtVN0ptgTqio0UBH770S1wiBtrOFMhxIsIrh4xN25wOoqUhvHQdki6oYELJTlOODAbFn3_X7occ3TqJRG3rl1DJQmO8i3M9KhBXW-L7AxrxG2ZSms2akgZW5csU35WYpxv7i2L4Mf-lfskHyMAx6KZOlb3Noses_VmMiHkrhvzt8DZBy4BWvYBLf4_9rGfQlt57HXfmTaVhhHxGJkZHtee09XuHsA70mQJUhY5uWiEmxt4UoPCBkk4Qv_7tsU_4fCcm9jKC1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D177 47 B
167 B 29ms
29ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95741957&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=155976
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 21 Jul 2023 11:39:27 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 tagline-template-update-april.jpg
s.isanook.com/fi/0/fp/380/1902405/ 27 KB
27 KB 29ms
29ms Image
image/jpg 43.152.42.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.isanook.com/fi/0/fp/380/1902405/tagline-template-update-april.jpg?ip/crop/w555h333/q80/jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

43.152.42.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

fc7b20a846e61d36f3979b45ec6c47d71a8dbe6915179d7c554c17985c2b0002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 11:17:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-cache-lookup: Cache Hit
server: Lego Server
age: 0
content-type: image/jpg
x-nws-log-uuid: 9841857051338088424
accept-ranges: bytes
content-length: 27373

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=647627798&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=aADAAEABQAAAACAEK~&jid=&gjid=&cid=1484123415.1689939562&tid=UA-8147095-6&_gid=1603819851.1689939562&gtm=45He37j0n81PNXLXRS&cd4=0&cd12=1689939571324.kv5wpndh&cd43=0&cd44=2&z=1039412932

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jul 2023 21:50:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49761
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK c
sal.isanook.com/sa/ 35 B
355 B 202ms
201ms Image
image/gif 203.151.133.6
INET-TH-AS Intern...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sal.isanook.com/sa/c?v=1&_v=j41&a=252193375&t=event&_s=2&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&_u=SEAAAAABC~&cid=464640570.1689939562&tid=SA-8147095-6&cd4=0&cd8=b&z=421488186
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.151.133.6 Mueang Samut Prakan, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS: 6.134.151.203.sta.inet.co.th
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.sanook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 21 Jul 2023 11:39:31 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: no-cache, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET d
dc.sanook.com/sanookStat/userActBinary/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1015r6j2sOXO-YAWTktN0rYuWnNuo89y7mn2gQ7b5HNVpmcAZy0fk7WXeg2s9SJjvcoJ-vuyExW9e4mURtGE3Gl-Sk4ROY-Le6cyU9KkqrYsyveSg&sig=Cg0ArKJSzILF2wmiZ9qhEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=345054422&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1689939562584&rpt=308&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxVHBf2BzovfbYGuCBRTvuXgSqtpy8uB1YLJtuHUU38kaFYxaHxwqdUhgSnGdlm0FZIevl48nZXtvJMCxx4YtOPnK5-0jC4tTlnKHkTuPBqRtLKlmE&sig=Cg0ArKJSzEv5BbRPPIleEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=178697795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1689939563105&rpt=200&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: uipus.semasio.net
URL: https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

Domain: uipus.semasio.net
URL: https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=61333963-E834-44F8-B30A-B1FF9512E3D3&sInitiator=external&gdpr=0&gdpr_consent=

Domain: dc.sanook.com
URL: https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=252193375&t=event&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fp-eventpromote-redirect&ea=click&el=fp-eventpromote-redirect&cd4=0&cd22=firstpage&cd23=indexpage&_gid=1603819851.1689939562&_u=CAAAAEABC~&cid=1484123415.1689939562&tid=DC-8147095-6&z=257735515

Verdicts & Comments Add Verdict or Comment

718 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

149 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sanook.com/	1970-01-20 15:35:15	Name: _gcl_au Value: 1.1.1406557898.1689939560
.sanook.com/	1970-01-20 15:35:15	Name: _fbp Value: fb.1.1689939560571.1395776728
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose Value: 1
.sanook.com/	1969-12-31 23:59:59	Name: _cbclose45879 Value: 1
.sanook.com/	1970-01-20 22:11:15	Name: _uid45879 Value: 30804A78.1
.sanook.com/	1970-01-20 13:25:40	Name: _ctout45879 Value: 1
www.sanook.com/	1969-12-31 23:59:59	Name: verify Value: test
.sanook.com/	1970-01-20 22:11:15	Name: sa_optout Value: 2
.sanook.com/	1970-01-20 22:11:15	Name: dc_optout Value: 2
.sanook.com/	1970-01-20 22:11:15	Name: ads_optout Value: 2
.sanook.com/	1970-01-20 22:11:15	Name: _ht_v Value: 1689939561.7095742212
.sanook.com/	1970-01-20 13:25:41	Name: _ht_s Value: 1689939561.2
.criteo.com/	1970-01-20 22:47:15	Name: uid Value: edd30e37-34d3-483e-bcd9-1f9600bf9ada
.doubleclick.net/	1970-01-20 22:47:15	Name: IDE Value: AHWqTUltg4Lt95qgy_9c93UOgtADKsUEAfztIspHiZD-6QtJCgNdRxllmG2Eu2K0
.scorecardresearch.com/	1970-01-20 23:01:39	Name: UID Value: 1FE246334248bf18a0006011689939561
www.sanook.com/	1970-01-20 14:08:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.sanook.com/	1970-01-20 23:01:39	Name: _ga_M0RYDTKBFK Value: GS1.1.1689939561.1.0.1689939561.60.0.0
.sanook.com/	1970-01-20 23:01:39	Name: _ga Value: GA1.2.1484123415.1689939562
.sanook.com/	1970-01-20 13:27:05	Name: _gid Value: GA1.2.1603819851.1689939562
.sanook.com/	1970-01-20 13:25:39	Name: _gat_UA-8147095-6 Value: 1
.www.sanook.com/	1970-01-20 13:27:05	Name: freq.5f73e63e47e7040e00000000 Value: 1
.sanook.com/	1970-01-20 23:01:39	Name: _sa Value: SA1.2.464640570.1689939562
.sanook.com/	1970-01-20 22:47:15	Name: cto_bundle Value: l6xfZV9YbU45M2VMTG5KM1lMT3FaaktVWlpOZDVDMVNLMVB0QjNQNlZCd3E5NUlZUHFsTkcwU0NGNklpMzZhNmRYck0xNkVjeDZhJTJGQ3FqUkNFRU9rN3R1dWVmRFltWTA5dEU2ajdFVUEzVm50YzhBWURLaUhlcEYxZ1l3MThCZEZ3bFZKNXJ4aHdwdUpCYm16NVg5bXZxSEV3dyUzRCUzRA
.sanook.com/	1970-01-20 23:01:39	Name: _ga_17F0RQM2JW Value: GS1.2.1689939561.1.0.1689939561.60.0.0
.innity.com/	1970-01-20 23:01:39	Name: iUUID Value: df745fb0356e487fae60870b56b3fac5
.sanook.com/	1970-01-20 23:01:39	Name: iUUID Value: df745fb0356e487fae60870b56b3fac5
.sanook.com/	1970-01-20 13:25:41	Name: innity.dmp.225.sess Value: 1.1689939562510.1689939562510.1689939562510
.sanook.com/	1970-01-20 13:25:41	Name: innity.dmp.225.sess.id Value: 129755865.225.1689939562510
.sanook.com/	1970-01-20 13:27:05	Name: innity.dmp.cks.innity Value: 1
.pubmatic.com/	1970-01-20 22:11:15	Name: KADUSERCOOKIE Value: 61333963-E834-44F8-B30A-B1FF9512E3D3
.sanook.com/	1970-01-20 13:25:39	Name: lotame_domain_check Value: sanook.com
.weborama.fr/	1970-01-20 22:51:34	Name: AFFICHE_W Value: y-pn4sUB6sbL50
.adnxs.com/	1970-01-20 15:35:15	Name: uuid2 Value: 7465697009228160066
.adx.opera.com/	1970-01-20 22:11:15	Name: UID Value: OPUd268309302c345909e9327e6f3f77738
.quantserve.com/	1970-01-20 15:35:15	Name: d Value: EKsBCwHCKfijAA
.quantserve.com/	1970-01-20 22:55:53	Name: mc Value: 64ba6e6a-9fd78-7735d-43938
.adfarm1.adition.com/	1970-01-20 15:35:15	Name: UserID1 Value: 7258235151031793812
.simpli.fi/	1970-01-20 22:12:41	Name: suid Value: 52C98EC123694773A833673AA6F9E05A
.sanook.com/	1970-01-20 22:47:15	Name: __gads Value: ID=2b2664218bedf4be:T=1689939562:RT=1689939562:S=ALNI_MbFvoMpoJ-24-a-pwsk2Xzs5zZooQ
.sanook.com/	1970-01-20 22:47:15	Name: __gpi Value: UID=00000c6e79f0c9b1:T=1689939562:RT=1689939562:S=ALNI_MYtzrO74LR1l1IbWepoWOoauuQ3jw
avd.innity.com/	1970-01-20 13:27:05	Name: geo Value: EU%3BUnited%20Kingdom%3BGB%3B%3B%3B
.adform.net/	1970-01-20 14:10:17	Name: C Value: 1
.bidr.io/	1970-01-20 22:54:13	Name: bito Value: AAEL7E7JdN0AACV4MVKXaA
.bidr.io/	1970-01-20 22:54:13	Name: bitoIsSecure Value: ok
.crwdcntrl.net/	1970-01-20 19:54:25	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 19:54:25	Name: _cc_id Value: 98e1c1f9e973d5f3aedc201d53917156
.pubmatic.com/	1970-01-20 14:08:51	Name: KRTBCOOKIE_1101 Value: 23040-7258235151031793812&KRTB&23369-7258235151031793812
.sanook.com/	1970-01-20 19:54:27	Name: _cc_id Value: 98e1c1f9e973d5f3aedc201d53917156
.openx.net/	1970-01-20 22:11:15	Name: i Value: 43edf4a0-8d87-403e-87e2-7d6bfa221632\|1689939562
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_153 Value: 1923-7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf&KRTB&19420-7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf&KRTB&22979-7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf&KRTB&23403-7fxGX-2tEl_28UJa7PAJCez7EVr2_BcH6PDrDPLf
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_80 Value: 22987-CAESEEfvHTTKCveIn7G_Ct1xKhw&KRTB&16514-CAESEEfvHTTKCveIn7G_Ct1xKhw&KRTB&23025-CAESEEfvHTTKCveIn7G_Ct1xKhw&KRTB&23386-CAESEEfvHTTKCveIn7G_Ct1xKhw
.adform.net/	1970-01-20 14:52:03	Name: uid Value: 6944312430359264284
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_57 Value: 22776-7465697009228160066&KRTB&23339-7465697009228160066
.rubiconproject.com/	1970-01-20 22:11:15	Name: khaos Value: LKCIDS0W-G-IFB0
.rubiconproject.com/	1970-01-20 22:11:15	Name: audit Value: 1\|naVuGyos1qppu747P7aQU6JvvWgC/Qcxgndhc+y7+ZCNYn/DPDvN4vOMk9QGzldMtPRa9KYHFgsSaDIhezvM4cxuhZpbWKLt/JgzSZGAY9u+xUA9sgf/4eNEKcfJxgEB
.bidswitch.net/	1970-01-20 22:11:15	Name: tuuid Value: 8c236a56-bd72-40c7-821e-231ca3fc6555
.bidswitch.net/	1970-01-20 22:11:15	Name: c Value: 1689939562
.bidswitch.net/	1970-01-20 22:11:15	Name: tuuid_lu Value: 1689939562
.rfihub.com/	1970-01-20 22:47:15	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFpaWxpamZkYWgMAH8yYSgQAAAA
.rfihub.com/	1970-01-20 22:47:15	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjOwNDEzNTAxNBPiM9QtSatMd00ud0lz9s8EALTKYXklAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjOwNDEzNTAxNBPiM9QtSatMd00ud0lz9s8EALTKYXklAAAA
.pubmatic.com/	1970-01-20 14:08:51	Name: KRTBCOOKIE_391 Value: 22924-6944312430359264284&KRTB&23263-6944312430359264284&KRTB&23481-6944312430359264284
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_18 Value: 22947-5141210826094650416
.turn.com/	1970-01-20 17:44:51	Name: uid Value: 2569436704448451549
.amazon-adsystem.com/	1970-01-20 19:32:51	Name: ad-id Value: A1Sn4Mk-40dCoOo-TVqW2FU
.amazon-adsystem.com/	1970-01-20 23:01:39	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 14:08:51	Name: KRTBCOOKIE_22 Value: 14911-2569436704448451549&KRTB&23150-2569436704448451549
sync.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id Value: s%3A0-1461cd0e-8d79-5b22-741e-394fb682a8bc.X2SM931R2myrau0tEBWJyofScOv1YEZ3SdHl2zoReoo
sync.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id-v2 Value: s%3AFGHNDo15WyJ0HjlPtoKovAW7FWk.A8ue0zw14ovOJsp3Ji%2BAvvjkJFHK8PSzpO3CoGZAz2g
sync.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCDq3OmlBjABOgTtmLXMQgT8Tm0N.knoDssWzv%2B4BKYZsHn%2FBsoWDVdeGtSZRYIEcRDBDSpY
.srv.stackadapt.com/	1970-01-20 22:11:15	Name: sa-user-id-v3 Value: s%3AAQAKIGEBXK4QipDwfyUmxUwkP9RL9mINvBWHwjU1Hcd8xfGXEHwYBCDq3OmlBjABOgTtmLXMQgT8Tm0N.knoDssWzv%2B4BKYZsHn%2FBsoWDVdeGtSZRYIEcRDBDSpY
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 36c9c3e6836602ea
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_860 Value: 16335-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23334-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23417-FGHNDo15WyJ0HjlPtoKovAW7FWk&KRTB&23426-FGHNDo15WyJ0HjlPtoKovAW7FWk
.audrte.com/	1970-01-20 13:47:15	Name: arcki2 Value: 9aho1i-klRQQaaJEqJPN9uToA!20220908!1689939562906!ip#5.187.21.105
.audrte.com/	1970-01-20 13:47:15	Name: arcki2_pubmatic Value: 61333963-E834-44F8-B30A-B1FF9512E3D3!20220908!1689939562909
.taptapnetworks.com/	1970-01-20 22:11:15	Name: SONATA_ID Value: csonata_ebe63144-29bc-4b0b-a30a-acf880281b2f
.smartadserver.com/	1970-01-20 22:55:53	Name: pid Value: 5105884918991444935
.smartadserver.com/	1970-01-20 22:55:53	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:12:41	Name: csync Value: 127:AAEL7E7JdN0AACV4MVKXaA
.audrte.com/	1970-01-20 13:47:15	Name: arcki2_ddp2 Value: 9aho1i-klRQQaaJEqJPN9uToA!20220908!1689939563061
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_466 Value: 16530-8c236a56-bd72-40c7-821e-231ca3fc6555
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_699 Value: 22727-AAEL7E7JdN0AACV4MVKXaA
.audrte.com/	1970-01-20 13:47:15	Name: arcki2_adform Value: 6944312430359264284!20220908!1689939563241
.casalemedia.com/	1970-01-20 22:11:15	Name: CMID Value: ZLpua14KQ6.PcFtkoXRwugAA
.casalemedia.com/	1970-01-20 15:35:15	Name: CMPS Value: 3205
.casalemedia.com/	1970-01-20 15:35:15	Name: CMPRO Value: 3205
.csync.loopme.me/	1970-01-20 15:38:08	Name: viewer_token Value: a4fda342-4052-4fde-8873-b8aab2c27185
.yahoo.com/	1970-01-20 22:11:37	Name: A3 Value: d=AQABBGtuumQCEG-L0dMXrUESjV87g34DGxAFEgEBAQG_u2TEZAAAAAAA_eMAAA&S=AQAAArUdCZ9HuPypJniyAIJVzPY
.adgrx.com/	1970-01-20 22:54:27	Name: ADGRX_UID Value: 3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
.adgrx.com/	1970-01-20 13:27:05	Name: ADGRX_CM_CASALE_BRIDGED Value: 1
.linkedin.com/	1970-01-20 22:11:15	Name: bcookie Value: "v=2&8f2c09ee-4c21-4872-8723-241ca5251b0a"
.linkedin.com/	1970-01-20 17:44:51	Name: li_gc Value: MTswOzE2ODk5Mzk1NjM7MjswMjGbeFqHecuNOtjnCW59yDsWEj7dmgPpgLkWqTg66xvaGQ==
.linkedin.com/	1970-01-20 13:27:05	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2941:u=1:x=1:i=1689939563:t=1690025963:v=2:sig=AQE6ikjIcpNc6-pmHpGW3fF_Xc6vd6Ud"
.doubleclick.net/	1970-01-20 17:44:51	Name: APC Value: Aa3gxNp8fn38rmELkyE9V0c-VGP7yahy7IT6PchjyX85N9e8-TyKAg
www.sanook.com/	1970-01-20 13:25:43	Name: _lr_retry_request Value: true
www.sanook.com/	1970-01-20 14:08:51	Name: _lr_env_src_ats Value: false
.pubmatic.com/	1970-01-20 13:27:05	Name: pi Value: 155976:4
.pubmatic.com/	1970-01-20 15:35:15	Name: DPSync3 Value: 1691107200%3A219_197_241_235_201_245_227_226
.pubmatic.com/	1970-01-20 15:35:15	Name: SyncRTB3 Value: 1692489600%3A203%7C1691107200%3A3_88_99_233_21_81_165_8_251_22_234_204_243_220_161_55_249_46_71_264_238_214_13_54_254_56_166_176%7C1690761600%3A63%7C1690502400%3A2_15_223%7C1695081600%3A69%7C1691193600%3A35
www.sanook.com/	1970-01-20 14:52:03	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-21T11%3A39%3A25%22%7D
.adgrx.com/	1970-01-20 13:27:05	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_1003 Value: 22761-3d42ae7c-27bb-11ee-8c04-e53f854a1b6f&KRTB&23275-3d42ae7c-27bb-11ee-8c04-e53f854a1b6f
.crwdcntrl.net/	1970-01-20 19:54:27	Name: _cc_cc Value: "ACZ4XmNQsLRINUw2TLNMtTQ3TjFNM05MTUk2MjBMMTW2NDQ3NDVjAIKUXXm5IBoKAFnhCrc%3D"
.crwdcntrl.net/	1970-01-20 19:54:27	Name: _cc_aud Value: "ABR4XmNgYGBI2ZWXC6SgAAAY0wH6"
.onaudience.com/	1970-01-20 13:27:05	Name: done_redirects104 Value: 1
.onaudience.com/	1970-01-20 22:11:15	Name: cookie Value: f17476bdc49862ae
.onaudience.com/	1970-01-20 13:27:05	Name: done_redirects161 Value: 1
.ctnsnet.com/	1970-01-20 22:11:15	Name: cid_910f041727834053bd97828a69423466 Value: 1
.ctnsnet.com/	1970-01-20 22:11:15	Name: cid_4868310ba17a43639792806925835b5f Value: 1
.zeotap.com/	1970-01-20 22:11:15	Name: zc Value: 9544c3b4-e0b7-4434-591a-d05589ffc835
.adsby.bidtheatre.com/	1970-01-20 13:35:44	Name: __kuid Value: d24daff9-041d-45cd-a86c-8e6468dec0da.459153565
ads.playground.xyz/	1970-01-20 13:35:24	Name: connect.sid Value: s%3A0f_JrbZjXVYCjnKCxNQuaaz2HWKwYODu.bksIYU%2BCPoTPnLrAh3XWPVx0%2Foa%2FzNXIb%2FaIYmqfFTQ
.onaudience.com/	1970-01-20 13:27:05	Name: done_redirects200 Value: 1
.sanook.com/	1970-01-20 13:35:44	Name: panoramaId_expiry Value: 1690544365429
.sanook.com/	1970-01-20 13:35:44	Name: panoramaId Value: 0217ddaef8d226dc466c0b376e9f4945a7026be847cc5549ce27e94297f4d9ed
.1rx.io/	1970-01-20 22:11:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_1305 Value: 23408-61333963-E834-44F8-B30A-B1FF9512E3D3&KRTB&23413-61333963-E834-44F8-B30A-B1FF9512E3D3&KRTB&23479-61333963-E834-44F8-B30A-B1FF9512E3D3&KRTB&23505-61333963-E834-44F8-B30A-B1FF9512E3D3
.everesttech.net/	1970-01-20 22:11:15	Name: everest_g_v2 Value: g_surferid~ZLpubQACedcupgAN
.pubmatic.com/	1970-01-20 14:08:51	Name: KRTBCOOKIE_409 Value: 22966-7AicPGkHMbTWTUhQjWRSUXgn
.onaudience.com/	1970-01-20 13:27:05	Name: done_redirects219 Value: 1
.targeting.unrulymedia.com/	1970-01-20 22:11:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003%22%7D
.pubmatic.com/	1970-01-20 15:35:15	Name: KRTBCOOKIE_594 Value: 17105-RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003&KRTB&17107-RX-e1591f75-1065-4b7c-adde-0e2c5e00113d-003
.exelator.com/	1970-01-20 16:18:27	Name: EE Value: "e541ee83906507e4c0ddcd5ad9da3c07"
.zeotap.com/	1970-01-20 13:27:05	Name: zsc Value: n%CB%A4%B8%CB.%C5%E7%85%5D%10+W%14%AA%23%BA%F63%ADVX%1D%99%07%CE%7D%FCq%DBP%2C%E6j%C1%9CQ%DD%A4%D8%E6R%A5%11c%87%00%23+%09%40%3AGXs%21%C5%DC_%C86r%FB%D3%11%95%7C%90%D2%E7%11%B4%F1%90%F5%11%BDR%27Dx%99%9D
.exelator.com/	1970-01-20 16:18:27	Name: ud Value: "eJxrXxzq6XKLQSHV1MQwNdXC2NLAzNTAPNUk2SAlJTnFNDHFMiXRONnAfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6InenxUUpaQyLSopPBR%252FZowAAvWUqkw%253D%253D"
.id5-sync.com/	1970-01-20 15:35:15	Name: id5 Value: e35bc910-96a4-7e3a-a4d0-e23f604d355b#1689939565717#2
.id5-sync.com/	1970-01-20 13:25:39	Name: callback Value:
.onaudience.com/	1970-01-20 13:27:05	Name: done_redirects282 Value: 1
.mathtag.com/	1970-01-20 22:51:34	Name: uuid Value: b42864ba-6e6d-4900-b9a0-bc205d39367d
.id5-sync.com/	1970-01-20 15:35:15	Name: 3pi Value: 3#1689939565903#-328688709#b42864ba-6e6d-4900-b9a0-bc205d39367d
.id5-sync.com/	1970-01-20 13:25:39	Name: cf Value: gif
.id5-sync.com/	1970-01-20 13:25:39	Name: cip Value: 984
.id5-sync.com/	1970-01-20 13:25:39	Name: cnac Value: 6
.id5-sync.com/	1970-01-20 13:25:39	Name: car Value: 3
.id5-sync.com/	1970-01-20 13:25:39	Name: gdpr Value: 0\|
.gammaplatform.com/	1970-01-20 13:27:05	Name: _aGeoIp Value: DE\|Stuttgart
.gammaplatform.com/	1970-01-20 23:01:39	Name: _aUID Value: tphgy09bj201
.pubmatic.com/	1970-01-20 14:08:51	Name: PugT Value: 1689939564
.sanook.com/	1970-01-20 22:11:15	Name: FCNEC Value: %5B%5B%22AKsRol_83XwRqGsfC_9SY-mn-DBbSduQQ43j5h2kA0qO2t1oD1R61A4BjbfqXuogHJGKzbWaRH0USSXjK67J9JGFisW8Du7zwyTr5m-wzWUMM6Srrefo9p0HBdHVBYydObsjSaJwRWQtFeOQav-eMM7zyUI9890nvw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.pubmatic.com/	1970-01-20 14:08:51	Name: KRTBCOOKIE_1310 Value: 23431-tphgy09bj201&KRTB&23446-tphgy09bj201&KRTB&23465-tphgy09bj201
.tribalfusion.com/	1970-01-20 15:35:15	Name: ANON_ID Value: avnsIHtMPmFUTgUpMDGfHZcsUFVpZcldIZctBlcM2XrOPZbbLkVdhkNFiaylovDFv8yNfC6kNZcZbrQGKffGOEbDNgdPq6
www.sanook.com/	1970-01-20 14:08:51	Name: _rtbpbjs_userid_consent_data Value: 3524755945110770
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 30ae7f78ebbe6ad9
.pubmatic.com/	1970-01-20 14:08:51	Name: SPugT Value: 1689939567
.ads.pubmatic.com/	1970-01-20 13:27:05	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 15:35:15	Name: chkChromeAb67Sec Value: 3
.ads.pubmatic.com/	1970-01-20 13:27:05	Name: pubsyncexp Value: 1689961168376

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 Message: Failed to load resource: the server responded with a status of 417 ()
network	error	URL: https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.6 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript	error	URL: https://www.sanook.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.sanook.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://www.sanook.com/ Message: The resource https://rumcdn.geoedge.be/37f9789d-147c-416e-beed-ee36939965ee/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
a3b65afb36bf1c013a0f10340391d328.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ajax.googleapis.com
api.rlcdn.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.taboola.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.ocmtag.com
cdn.prod.uidapi.com
cdn.taboola.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d28b79ecc8294363f98d4269c1215c30.safeframe.googlesyndication.com
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
loada.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.adlooxtracking.com
p.rfihub.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtbdemand.apiip.net
rtbpass-us.andbeyond.media
rumcdn.geoedge.be
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
sdk.ocmhood.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sloth-api.sanook.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.ocmhood.com
t.pubmatic.com
tags.crwdcntrl.net
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
api.rlcdn.com
dc.sanook.com
pagead2.googlesyndication.com
uipus.semasio.net
104.18.10.47
104.18.11.47
104.18.24.185
108.138.7.113
119.81.192.134
141.94.171.213
141.94.171.214
141.94.242.206
142.250.185.162
142.250.185.66
151.101.129.44
151.101.2.49
151.101.66.137
162.19.138.119
162.19.138.83
162.247.241.14
162.55.120.196
172.217.16.130
178.250.7.13
18.196.48.221
18.198.69.109
185.29.134.244
185.64.189.112
185.64.189.226
185.64.190.81
185.64.191.210
185.80.39.216
185.86.139.103
188.166.17.21
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.205
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
203.151.128.172
203.151.133.6
203.154.58.214
208.93.169.131
213.155.156.165
23.218.209.56
23.218.210.30
23.35.236.188
23.35.236.201
23.75.64.175
2600:9000:2250:5a00:a:e047:753:be1
2600:9000:236e:8000:2:d490:4d80:93a1
2600:9000:2491:0:4:b37b:9440:93a1
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::681a:6e4
2606:4700:20::681a:7e4
2606:4700::6812:19ad
2620:100:a005::17
2620:100:a005::6
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a02:2638:d::d
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::485
2a05:d018:d29:3601:da00:7cb3:2a5d:49ee
2a06:98c1:3120::3
2a06:98c1:3121::3
3.65.77.190
3.75.62.37
34.102.146.192
34.102.163.6
34.102.253.54
34.107.231.31
34.111.129.221
34.111.131.239
34.120.135.53
34.228.182.143
34.95.81.168
34.96.70.87
34.98.64.218
35.186.193.173
35.190.39.111
35.204.74.118
35.214.167.243
37.157.3.20
37.252.171.52
43.152.42.15
43.175.22.45
46.228.174.117
52.213.109.107
52.214.14.119
52.220.229.2
52.222.208.154
52.223.40.198
52.31.235.128
52.46.155.104
54.158.85.140
54.164.204.95
61.91.93.46
65.9.66.68
67.220.224.144
69.16.175.42
69.173.144.165
69.192.160.219
72.251.241.196
74.119.118.138
77.245.57.78
82.145.213.8
85.114.159.118
98.98.134.241
0014ffccade01ae1ab385b85433decef0f11f26cbe25721faa0d13bb5c0badda
00ba14b8d14bfe3b23904417ace5042c5cc2fa6689b5b103bcc65495db4568c2
053375c538674c061b4f65450333ad1ea6a60bd1d7e2110b3cc43a8a0198d2a5
0673fd495a15111e5825988fd96fa81e42651caba6c3025aab672bb2351db48e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
08a8463bf15cca775e8cc01995f1d42758cbda90dee2b7019fee15daa62822c9
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a7794366c2d6a01bd05452e1548420d4b9f85a1c252eec66be0474b0074e5ae
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2e019fbe37d9642ad85f3194ef708e5510f4e580544587d3036d2c6a22809e
0b55ec4e5aa91ac70224085c402a372fcdd954dd4df3229b7de7efbfa86cff3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93fcce3e4ed4086f6f2e19b753dfd7f9e48213ddba0ab5b8c9dfb2dc862ae0
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e1da213d54c1103512acc870919870909f8d4432cd6564b782b3fbcae86e36c
125bae6d5c0255748d46352540c62c2907721067fb829fdf55646824f1517590
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c77ac611a4332b163f12367043df571ad45e56537880d12235f9aa3376e777
12dd6199ea3d042dc13b8620cbf9e06bd357c82a48126ecbefecae0602decf07
149ee5e20d73852c879236b861c19bf99cd6548d4772672d0ed518eaee06509a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
177869e84a42777b6a2f264d8ab7c7ee8050f0bd2a41e3aa727bbb35af89e4a2
1779a49bc11620c55dd5424776fa1e5c44b5cdb705163555ef05afc54e9cde89
1832adf2dbc83d94b2994ec2d23ba772e6dc0950bf94180451e1f5d3c3fee23b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bf2204e4bc320500b589d112b120f2c00240f6bac71af61590485ae0ebc5998
1c1c7761ec06eb4da3558ace2e9eaf0d963fdcedc7875307521e58236c129d0b
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d5e6be082c1628d01bc08000477cda7009f7e0f1d1f9bd272e5846229bab11c
1db8ec0cab6099607f77fd5fd4eb0f03cf86f8b07236cb2755eb47903cbd587d
1e6ed261e5f7029eb2f8353da6c6c19f6800be2108cac86bf6e92a78af7ab16c
1ff156a490197a3db0dcc463a6d22ded80179df60ff6a2129087c2b4695e7798
20e6b679072f28ceeb963c1cb0a7d1808526feb6963ad2b4f9989ff789061c87
211ce11050c57b74d7f793232305a8ee5cea7f061366efaa6df4bff5cb7a2495
21e4dbdbb7e3cdc5fa870a867f7c497c85048a9f6922a057452d9772b8b241d5
23cb1dd9ede94e9d78e2bdc319113646e38a0295eb896e86c9649394a163599d
2803300a8f17dc40adcc0b88517a59328d2d94688c5047b8c6363f29c9da86d3
2848334f1f86feb6ff0f691ca399708bc582e97ddd61ce41ba7d457c257f8c88
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd43bd1d19804dd0ace87193c6c8cad1af21918a8ebbea029eb70a8818e2ea0
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3088fa2d4cd08551ee70af003fb1ee35a2bc77f7a9c395eadb0bca8a4e4387d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33bae8a9b9507c2b7121eee535d21afcb6e66be73d082d127d54c6b3f1135ffe
3470839eefe22dff1fe0caf6e12c2dc192eef98543715f31caabb9f6f53c6d8d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
38bb1c467ced03bac525d633d19adacae5b4e4e314507926eecc6f0598b55eb9
39a9767a33fe8b9d31f24bb9f29f98152c9f738a1bf59539cfd87285d30be231
39b7ee41871a555d5426dc4550f88e0a5495ccad79d581abe05a7b2c38b76f65
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c306814caff0bcd34236c2f17695012ea796e2e7d0d1506ec323773f70596b8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412e44de7c09f2b8d76b1ad4ca25cc6915bcca5d737aaa7c5a6b44e5965d1d6d
419119879eb7ae3bfe0d605a84de61d833655a29b1b91a7dca4cfbd600b1a520
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e60297f05db0014c89a7484aa3081711da0900f9dfc72836b64433afcbedac1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50242617945a6f6a36fe2fd68afa582d0b765e127a17bfe46487e5cc3970bb18
503c0cb24eb60b02255937d291d658062dde41620da822900dea10d989d10c30
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
535499bf25b6a149637ce611286da6239dee803fda1191102371595c8d23d63e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ea76c15b35c07b2699cdac2510aa3c9d57af688f0c26ae140c9e4bea481d848
5f7ef40973ad557f38316781fa84abd570077a0c7a038f3d7524324a04562f09
5f934206e3b1b6dfb691d130d506169bb2fbbd1e1144d1f3258ef751d3fde993
609c59e03032e481cb6306fb44b1fac51ece3de699eb3ab7267f20542125957f
60ab4f954e7743bffc67eb6abb6a58fec4291a0b0ff21e1b1efa57bbf8b939fa
6110bd3d72d24a65ab45401d0318208e362f323aca3c84d57a36523d34a60f0b
613e6fb1ee0686648a9cff52881352a6be3555d8c009fa0c38f8207302c59135
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6216e1876d6e4f68be0010735d5697fba788b6f069d36d4ed889d47d620def23
6245fcbdcfa07b8eb1cb9fd45b0d1d4d66891679116c2a02c6f95fe0237f54ad
62998eb230205cec9dbb97bedc6654520af6e3b2b452f17c38b54eb10829a005
638f51b08a158469a7e45e909671254fcc608d156abeade26e25ea96b2ce238b
6398459b42d66255d9cbd874bdaeb716f781ba4e29c7ddcc2183e7fb4ce69e3b
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
68551662722fe4ed510f4d33fd3aee3dea77c47dff7584e8c50d1dc9241f22df
691d114327be68dbc2bdb308e1e90c090f997ab883293781706f47dcfbfbe85e
695669eab4d353184ff9d06af8b2e1d0c0aea5af143d16b84206b05f1fa7ec3d
696ebff2f6fb069f9f94ffe87bf3afc534a4dc68dee592c312549170a6e0e9d2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5c31bb43ebf2ad8c7dd800319227d1138e990778c011a2f6285fb7407f88c6
6c0128a553f251b6d2d33303e0eb175ee5ed5d867331a9df30d471408fd87f19
6d72060c52be9a515cbe1615fcc35fec3143dcabe1ef2441ae13fb95c5f4f2e2
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fd14c4f026b06f579fb9a453c01c19865421bbeb3efa399ab3cc9f1557b327d
726b58f8fca916e3c4efa0afa7e16f271dda6ef58ab77c6b57d5aef8181da807
72b957c8e33b77cbf556151dc0c974c59408561b4bf97828c5b400bb60663138
7492395fef5caac2500eb07ba8dbc30c0fa593fe2db43e89db33dc0d3af70e41
776cb78c04fe199cff6109f991b88ac00aafef52bc7dcc904284e42edbe33ba7
7884ea512c3977a6c9bfa2835b3fd5200d2760b691d0ed3adf02adf271808359
78ec3d4d6ae24303bd49a502f7943acf422da51135c135bf91d54a09a48fd69e
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7a29389c763e1db437d92ff272e72ece49b8155a7b5335a4ad952fb7e16acd54
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b16892944693b726b546079861ead3df8a626a8af2df606a9cbc919c274bc10
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7e40f94eac35c138f89be96fbeca4ff3ecc934fb91d54e811db744457cce708b
7e7559e0a186df6d87cb491a5deb7a6161347b8f1cf8804ebaaa3191945b01f0
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
85b43b72140bb32ba40727e447915be95dc992134109decb73f73d269703b5ca
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8756f19020bac3a40d2a403c5f5bcf3ac5034bc0da074d6a383bbe6c32561de5
87dd7c8c26e65d03ebad026973400187c613d1f7d6bdc0e9a2c2e16fdd991b55
8acb5c888f88d9948d9729db88e737b9dd92ae3653dd11557aa286a55eeaeb09
8bc88e26013cef1ce84cb63b1a64df1f4a4b7b60ecec0cdc4030e59b8137c116
8cb021ad9e462e75ef9bf7ad22ee919220c637cc67352cfe020135f475720e5d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8e183be119b6987473a140cfdecd28e76e021f0e2c976a7941de4dcb1a4a46fc
8f1e37c9b51619a5bad9f4961c4397f86fff672f5fd17cc64923cdb59583a7d6
90b2c07260d70267751704c0528f8eb954ffe2a193550ed3495bce0f2828bf95
90dc8ea5f4689b21cfb8a0a192e3e017aa6d81ba6eaa93d00b17db3efcbd4121
9245d86e1586ee1fefb870e532047ee807be7de4b20bde5bacda824a2b44a5cd
93eb2558997c67e86a9031b77b19cf035a5c3c96c00c8e96d76a5c772d73b4eb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94b22956d8a756614aceb90a4c9cce164ced050e74cdc331270275c9ca2c996c
9752d92c15dc692460f9a7be8f82516efcba0d2af6e303cbffb84a5965701f06
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99547a965f07daf7a5531abff25b655f8ca954dcd1fc1794a87e62b4f59069a7
9ccdbec9e927128d190882fdc2b16952ae59a95bfe6f179416ecd98d4aeef7ea
9cd0cf9358f6d9ef9aecc29466faba4f8f2f5b9a79f03be60e6b220558fd4340
9e3d8282bb6d553cac3fc7585bddb08478e2b9a98e20e4dd2c319e23a884e559
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6abd01f2a5ef3fd5d2bdddda2a92397e790289ea9f374d088ddc8f81d09ee86
a747e4e59e47f9fd2483a07dad6ee91341062e3e8c7fc41852681ad89c3a9087
a85910f42aca3993c62b9458984b86e944a7f2c600c0e3cbce6e06242badbf84
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aef8500012c78812c36aaa40a0aa20a35b5be54afcea9c2156a91036cc2c94e1
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ae202d99bb752cc6451e1d02bac7d3e5a8b4d90542caa34b6535f2dd2efb45
b3f752aaeb6db8ab939049c49ecf68b1cb0730cdeec6dcc0b31e9fbdbf506527
b418de58ffd52a1ae77faad8eb08fc9f1606fae9b323d336d67882136d05a46a
b4753a92f4c696d1a27e1e656ffc3c44d098eb11d7adf94bff62bae3999f1ead
b7cce6664bfdeb40be15d6f177827f9ff6d2eac4747aebf96a7f32cd2bec7b75
b7f07c9706cebd204611cc45f8401c546ee69e1292421463cd5f081a368e43ce
b9e38cc9731430afe84fde118d71237c9a86fce3230e5ac7ae1d7f86c102842a
bc44581cf7fecf1d46dfbd0474fce7d3dbc8315eaf90aab3aa50751e60ce5ffa
bcfaf18be1af962cc457ee0c00465dde9d5db7865a3922022ef23be26c432214
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
be670c3d3cc9021e3e244a863bd36f5c685a09f46cffefdb930b9fefee0fec0e
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6b89f28ff4ba3df1cd623a76e1aa60a2a157357940d5a5faccb1a3a7f81e7d8
c6cdae0503d1325814118b921d15798941694c9436533a1dd4ba366d81183f99
c874f708f5b975cd971bc4b89f3a432a46121a549273f79c0e1363ef54001157
cb6a6c2610683705572669c1a23069293ff365d9afae3034298e64f61b137f5a
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe5353a092600c0a14d95620f3dc6609bef7a0d3ea9a50d6bb4be26ecd33c10
cff83ca0b6983822eb74ed66a82b2d12375bad6fc0c9a13679e412112770cf02
d18f8eec648c72c51e02afa4755f5b7f6bf94ae6a20f4003ffa7e5365e5f25b4
d345d41ea4be8addbc7626f46354ec989c913319f267dc0be150af708e9d0878
d38961bd0b1ca21df559b911d10e02450f663398373f3e6ac76eb31809b5b75e
d3edd1cdf6fcb7273d035f0d6a093cc21e6936edde3a6051068396d9b4d94e9d
d46a641e0bb0cf37d837dd9eb88caf89951ffaedbb13c81c3e0379636a1b8e0d
d57aeaf80265f0b85de1bf9798c3eb60e8b8a71869a16cea4873e21667c9f657
d68c3ead837103c502de483abfdb0167fa83abe2a3ba452df2d5f216289f6c9f
d89283684cb24ba91c98a1770227e73387eac767ceda63637a7264d77bd5f462
d99a7d1e9b3c94f6e6a89d039a4dab2e9a6c6467f5092f79a9ac603026a33db9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df717b10ddeb15f06ae868f361d169961c86c803cfe1e98d5b1cebe3a3a22eae
e16941500a7e562826092aa4e31a907a0c6e9354e4c843391cd3fdec33602bb1
e237cfb5b51efd58bf08a6d1cf3f4e49c2ce2e595ef16c2060aa6cb4d966fb3a
e33e3c96fca28ef2ec5971f9af31e934cdd14e0ef723fb5ffde39b679b174c3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f22abf2010cbb641b4b7d2b235bd0fe1ecae8a0257a9d494ead22f20d36085
e6f66edeac3b3a3f7b2cd9d2c9c0365f42b989cc873dd956522bcc03e1279413
e8154cda85e61a93a4d07d9bc7ae8ff13274434f42af641b2fc3d791057105ad
e8672b51d74f3e9356e66760704282c9e176c4d00eb900c78390e31837ae5fd6
ec0b5b53e3a623e222e8a77be302d528e72de4bf4b79cb1d5f4bf3257db9d2ce
ee855581a36f5e32f1850e5d174d46156e51d3790a84851000c6b8cc0f135408
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b4e02ec77f44276a9c64328a2fbba2a2abbb5f1148e96bee2858dcfb31c933
f249f23739c39a22b4780080912da4976dd8774392c77f0e4e97498f4574b4ef
f39a2c7f7532d8fc427e96438ad41aa48b6b57d81b1fe494e0288845216589b3
f3ae74a74d38e0ced684035df16a49ad9e8ed12fee00d5d07f6ca79e3f970e9f
f3d9ef2604c7f5133d7096b134f0c873884577caf93cf6bc16833050afea301d
f47e1672b0c25ec306398bb54ab09a1901cca0f8a6738afbcec0d895e88f6eb3
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f955b0f541d06b588b4449255383d7cebea1781ae2f97139ef979432bb0fea1d
fa525f20d8f9843d2d68fdc3a6f0bbe651802c3546e7bad3b236877d0a61d1d7
fc7b20a846e61d36f3979b45ec6c47d71a8dbe6915179d7c554c17985c2b0002

www.sanook.com Open in urlscan Pro 203.151.128.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

371 Requests

89 %HTTPS

31 %IPv6

91 Domains

141 Subdomains

101 IPs

16 Countries

3823 kBTransfer

12163 kBSize

149 Cookies

26 Outgoing links

Page URL History

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanook.com Open in urlscan Pro
203.151.128.172 Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

89 %
HTTPS

31 %
IPv6

91
Domains

141
Subdomains

101
IPs

16
Countries

3823 kB
Transfer

12163 kB
Size

149
Cookies

371 HTTP transactions
1 data transactions