urlscan.io logo urlscan.io
SecurityTrails logo

60d5997ba3e55.agencecw.com Open in urlscan Pro
149.28.140.151  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ggermpir.agencecw.com/2406/smwqyelai/3
Effective URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Submission: On June 25 via manual from TH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 12 countries across 81 domains to perform 426 HTTP transactions. The main IP is 149.28.140.151, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is 60d5997ba3e55.agencecw.com.
This is the only time 60d5997ba3e55.agencecw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 149.28.140.151 20473 (AS-CHOOPA)
2 2a00:1450:400... 15169 (GOOGLE)
3 61.91.93.188 7470 (TRUEINTER...)
4 2a00:1450:400... 15169 (GOOGLE)
98 150.109.191.113 132203 (TENCENT-N...)
3 2a02:2638::3 44788 (ASN-CRITE...)
7 150.109.206.145 132203 (TENCENT-N...)
1 101.33.11.110 132203 (TENCENT-N...)
3 61.91.94.132 7470 (TRUEINTER...)
6 2a03:2880:f01... 32934 (FACEBOOK)
5 2.18.233.180 16625 (AKAMAI-AS)
2 142.250.185.226 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 142.250.184.226 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 13.225.87.8 16509 (AMAZON-02)
3 104.111.224.62 16625 (AKAMAI-AS)
3 119.81.192.134 36351 (SOFTLAYER)
3 15 37.252.172.249 29990 (ASN-APPNEX)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 51.89.20.87 16276 (OVH)
2 4 54.194.226.253 16509 (AMAZON-02)
3 12 76.223.111.131 16509 (AMAZON-02)
1 61.91.93.197 7470 (TRUEINTER...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 61.91.94.198 7470 (TRUEINTER...)
7 185.64.189.112 62713 (AS-PUBMATIC)
8 178.250.0.165 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 184.30.21.51 16625 (AKAMAI-AS)
24 34.98.64.218 15169 (GOOGLE)
4 77.245.57.78 36057 (WEBAIR-IN...)
4 149.129.240.178 45102 (CNNIC-ALI...)
4 2.21.111.28 16625 (AKAMAI-AS)
3 185.64.189.115 62713 (AS-PUBMATIC)
8 9 37.157.4.29 198622 (ADFORM)
2 2 213.155.156.166 1299 (TELIANET ...)
9 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 27 185.64.189.110 62713 (AS-PUBMATIC)
2 4 52.49.183.138 16509 (AMAZON-02)
16 20 142.250.186.162 15169 (GOOGLE)
1 1 162.55.6.211 24940 (HETZNER-AS)
7 7 185.29.135.234 30419 (MEDIAMATH...)
3 185.64.189.114 62713 (AS-PUBMATIC)
2 3 51.210.112.63 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
2 3 159.253.128.188 36351 (SOFTLAYER)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 3.126.56.137 16509 (AMAZON-02)
5 5 2620:116:800d... 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
3 3 52.58.182.33 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.101.13.108 54113 (FASTLY)
5 36 2.18.234.21 16625 (AKAMAI-AS)
4 8 72.21.206.140 16509 (AMAZON-02)
1 1 3.228.62.17 14618 (AMAZON-AES)
2 2 54.174.195.234 14618 (AMAZON-AES)
1 1 154.59.122.79 174 (COGENT-174)
3 3 66.155.71.149 13768 (COGECO-PEER1)
5 5 185.33.220.242 29990 (ASN-APPNEX)
1 1 185.183.112.148 60350 (VP)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
6 6 3.124.143.99 16509 (AMAZON-02)
3 173.231.181.122 29791 (VOXEL-DOT...)
7 185.64.189.226 62713 (AS-PUBMATIC)
6 6 213.19.147.44 26120 (RHYTHMONE)
2 2 87.98.242.60 16276 (OVH)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 169.197.150.7 398989 (DEEPINTENT)
2 2 2a04:4e42:3::300 54113 (FASTLY)
2 199.232.137.44 54113 (FASTLY)
2 4 35.227.248.159 15169 (GOOGLE)
2 2 18.210.5.212 14618 (AMAZON-AES)
2 38.27.122.101 174 (COGENT-174)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.190.87 62713 (AS-PUBMATIC)
2 4 77.243.60.138 42697 (NETIC-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 54.78.254.47 16509 (AMAZON-02)
2 2 34.98.107.212 15169 (GOOGLE)
2 2 52.208.210.171 16509 (AMAZON-02)
2 2 54.226.209.67 14618 (AMAZON-AES)
2 61.91.94.199 7470 (TRUEINTER...)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
1 203.151.133.54 4618 (INET-TH-A...)
426 81
2    149.28.140.151 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.140.151.vultr.com
ggermpir.agencecw.com
60d5997ba3e55.agencecw.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
98    150.109.191.113 (Bangkok, Thailand)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
s.isanook.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    150.109.206.145 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
p4.isanook.com
1    101.33.11.110 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    61.91.94.132 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-132.static.asianet.co.th
sal.isanook.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
16    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    13.225.87.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-8.fra2.r.cloudfront.net
sb.scorecardresearch.com
3    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
avd.innity.net
3    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
15    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2a02:26f0:6c00::210:ba51 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.izooto.com
1    51.89.20.87 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p19.id5-sync.com
id5-sync.com
4    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
12    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    61.91.93.197 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-197.static.asianet.co.th
appx.sanook.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    61.91.94.198 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-198.static.asianet.co.th
api.u1sf.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    2606:4700:10::6816:4f7b (United States)

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.co.uk
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com
0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com
4    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
24    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
4    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
4    149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
as.innity.com
4    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
27    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    52.49.183.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-183-138.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
20    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    162.55.6.211 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
7    185.29.135.234 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.58.182.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-182-33.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
36    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    3.228.62.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
2    54.174.195.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
5    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    185.183.112.148 (France)

ASN60350 (VP, FR)
sync.adotmob.com
3    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
6    3.124.143.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
3    173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
7    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
6    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
4    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    18.210.5.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    38.27.122.101 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
2    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    54.226.209.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    61.91.94.199 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
getimage-member.sanook.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
1    203.151.133.54 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
notification.sanook.com
Apex Domain
Subdomains		 Transfer
108 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
p4.isanook.com
2 MB
63 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
275 KB
38 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
294 KB
32 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
39 KB
24 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
6 KB
24 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
86 KB
16 googlesyndication.com
842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com
0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
92 KB
14 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
5 KB
12 adsrvr.org
match.adsrvr.org
4 KB
9 adform.net
c1.adform.net
4 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
5 KB
8 indexww.com
js-sec.indexww.com
8 KB
8 google.com
www.google.com
adservice.google.com
2 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 innity.com
avd.innity.com
as.innity.com
8 KB
7 sanook.com
www.sanook.com
appx.sanook.com
graph.sanook.com
getimage-member.sanook.com
notification.sanook.com
43 KB
6 w55c.net
pm.w55c.net
5 KB
6 exelator.com
loada.exelator.com
loadm.exelator.com
9 KB
5 ampproject.org
cdn.ampproject.org
100 KB
5 quantserve.com
pixel.quantserve.com
2 KB
5 googletagservices.com
www.googletagservices.com
153 KB
5 facebook.com
www.facebook.com
graph.facebook.com
14 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 tapad.com
pixel.tapad.com
998 B
4 taboola.com
trc.taboola.com
match.taboola.com
1 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 andbeyond.media
rtb-eu.andbeyond.media
1 KB
4 teads.tv
a.teads.tv
1 KB
4 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
2 KB
4 google.de
www.google.de
adservice.google.de
459 B
4 facebook.net
connect.facebook.net
174 KB
4 google-analytics.com
www.google-analytics.com
75 KB
3 adgrx.com
cm.adgrx.com
1 KB
3 ad4m.at
ad4m.at
2 KB
3 sitescout.com
pixel-sync.sitescout.com
973 B
3 bidswitch.net
x.bidswitch.net
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 simpli.fi
um.simpli.fi
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 criteo.net
static.criteo.net
39 KB
2 ipredictive.com
sync.ipredictive.com
1 KB
2 gumgum.com
rtb.gumgum.com
671 B
2 playground.xyz
ads.playground.xyz
726 B
2 zeotap.com
mwzeom.zeotap.com
573 B
2 bnmla.com
match.bnmla.com
228 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 deepintent.com
match.deepintent.com
60 B
2 contextweb.com
bh.contextweb.com
1 KB
2 erne.co
green.erne.co
651 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
758 B
2 gstatic.com
fonts.gstatic.com
31 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
31 KB
2 turn.com
ad.turn.com
943 B
2 avct.cloud
ads.avct.cloud
894 B
2 everesttech.net
sync-tm.everesttech.net
746 B
2 de17a.com
d5p.de17a.com
637 B
2 fbcdn.net
static.xx.fbcdn.net
135 KB
2 giraff.io
code.th.giraff.io
42 KB
2 googleadservices.com
www.googleadservices.com
15 KB
2 googletagmanager.com
www.googletagmanager.com
78 KB
2 agencecw.com
ggermpir.agencecw.com
60d5997ba3e55.agencecw.com
2 KB
1 nr-data.net
bam.nr-data.net
275 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 adotmob.com
sync.adotmob.com
682 B
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 extend.tv
sync.extend.tv
546 B
1 google.co.uk
adservice.google.co.uk
853 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 loopme.me
csync.loopme.me
213 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 u1sf.com
api.u1sf.com
421 B
1 id5-sync.com
id5-sync.com
532 B
1 izooto.com
cdn.izooto.com
1 KB
1 truehits.in.th
lvs2.truehits.in.th
3 KB
426 81
Domain Requested by
98 s.isanook.com www.sanook.com
s.isanook.com
27 simage2.pubmatic.com 2 redirects ads.pubmatic.com
www.sanook.com
20 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
20 cm.g.doubleclick.net 16 redirects eu-u.openx.net
16 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
60d5997ba3e55.agencecw.com
securepubads.g.doubleclick.net
15 ib.adnxs.com 3 redirects www.sanook.com
acdn.adnxs.com
12 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
12 match.adsrvr.org 3 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
cdn.ampproject.org
9 image2.pubmatic.com ads.pubmatic.com
www.sanook.com
9 c1.adform.net 8 redirects ads.pubmatic.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
8 us-u.openx.net eu-u.openx.net
8 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
8 bidder.criteo.com www.sanook.com
static.criteo.net
7 t.pubmatic.com www.sanook.com
7 sync.mathtag.com 7 redirects
7 hbopenbid.pubmatic.com www.sanook.com
6 pm.w55c.net 6 redirects
6 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
5 secure.adnxs.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.sanook.com
60d5997ba3e55.agencecw.com
5 pixel.quantserve.com 5 redirects
5 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
5 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 loadm.exelator.com 2 redirects www.sanook.com
4 uipglob.semasio.net 2 redirects www.sanook.com
4 visitor.fiftyt.com 4 redirects
4 pixel.tapad.com 2 redirects ads.pubmatic.com
4 sync.1rx.io 4 redirects
4 acdn.adnxs.com ads.pubmatic.com
4 match.prod.bidr.io 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 htlb.casalemedia.com www.sanook.com
4 as.innity.com www.sanook.com
4 rtb-eu.andbeyond.media www.sanook.com
4 tencentth-d.openx.net www.sanook.com
4 a.teads.tv www.sanook.com
4 adservice.google.com securepubads.g.doubleclick.net
4 www.google.com 1 redirects www.sanook.com
tpc.googlesyndication.com
4 www.facebook.com www.sanook.com
connect.facebook.net
4 connect.facebook.net www.sanook.com
connect.facebook.net
s.isanook.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
3 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
3 pixel-sync.sitescout.com 3 redirects
3 x.bidswitch.net 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 avd.innity.com avd.innity.net
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
60d5997ba3e55.agencecw.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 gum.criteo.com 1 redirects static.criteo.net
3 sal.isanook.com www.sanook.com
60d5997ba3e55.agencecw.com
3 static.criteo.net www.sanook.com
2 getimage-member.sanook.com www.sanook.com
2 sync.ipredictive.com 2 redirects
2 rtb.gumgum.com 2 redirects
2 ads.playground.xyz 2 redirects
2 mwzeom.zeotap.com www.sanook.com
ads.pubmatic.com
2 aud.pubmatic.com www.sanook.com
2 match.bnmla.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 trc.taboola.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 green.erne.co 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 graph.sanook.com s.isanook.com
2 beacon.lynx.cognitivlabs.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 ad.turn.com 2 redirects
2 ads.avct.cloud 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 static.xx.fbcdn.net www.facebook.com
2 adservice.google.de securepubads.g.doubleclick.net
2 code.th.giraff.io s.isanook.com
www.sanook.com
2 www.google.de www.sanook.com
2 mug.criteo.com www.sanook.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.googletagmanager.com 60d5997ba3e55.agencecw.com
www.sanook.com
1 notification.sanook.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 p4.isanook.com www.sanook.com
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.adotmob.com 1 redirects
1 bcp.crwdcntrl.net ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 sync.extend.tv 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 api.u1sf.com s.isanook.com
1 graph.facebook.com s.isanook.com
1 appx.sanook.com s.isanook.com
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 cdn.izooto.com s.isanook.com
1 lvs2.truehits.in.th www.sanook.com
1 www.sanook.com 60d5997ba3e55.agencecw.com
1 60d5997ba3e55.agencecw.com
1 ggermpir.agencecw.com 1 redirects
426 122

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
*.izooto.com
DigiCert SHA2 Secure Server CA		 2021-05-05 -
2022-05-10		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-14 -
2022-04-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.google.co.uk
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-24 -
2021-08-16		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-21 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 66 frames:

Primary Page: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Frame ID: 5E7459D5C5FE1CD1234F036B08FC30F6
Requests: 4 HTTP requests in this frame

Frame: https://www.sanook.com/news/8357734/
Frame ID: 3D06E215678B63676EBCB461D9D48C43
Requests: 216 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: AB76356CF555228348E8379E0B7626EB
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 954AB99BA7266E460C55DFEEF190DBE6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 3337BBF5A7E64EF903D7F1504C521711
Requests: 4 HTTP requests in this frame

Frame: https://842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 112993151AA11085A5DF8BC8E540974A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2134EB180371F4B52D5B64E04FD423D3
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 39899BA13F297B2872B89436521A8686
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 296FA856CDA676F12AF144C90799CCCA
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8nHTLT-AG_nyYM608MPbjo4cgK-Qez9IqbIiQUi-IHR1sg8p0dtki_pXT2xIA7FQK7xMTRxAGVMDQ0n8r0969QLPgKTiw2LwdR2CJ5ARQG9-sRe9gA5hDaSK67x9tYgPa37j409mPTnDYtItk5m602dZ0BpF8tD5RAJcuT5haRGx-gFU0uIR2f9dmgyV13Sg3xsX5XS9r9AWKWLcVW-8JuwjthaHcjiuht5ZH9tkCfoPcIo384vU49yS4fADYR9i3MDsAos4ToTvLym5H6Wz5vY-lMHafXOGW_Zbdg4-VOc5GKYUytARjDWZW2lLMbsIyhyyWh53_0GYeZBHpgAfYGsC6&sig=Cg0ArKJSzHU75k2IybhuEAE&urlfix=1&adurl=
Frame ID: C68193E64DD64A99C1D3762C1272CC6D
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
Frame ID: 018A68DB00B9D7C0D9DBCD06B95A3D3D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
Frame ID: 2EA571FBCA8451792451D868E6B8E298
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A40942FC24492D4F5A2AAA635DD89992
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
Frame ID: 76CD4EA29143CCB16B8E56728E07CEC1
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: FC42C661C0027C22EBB047A106BDA263
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: A51C48831A818570494BDE9C9EAC5DE2
Requests: 1 HTTP requests in this frame

Frame: https://0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 9F16BB0676C79AE13B06BDD371C55DBC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoYKqdqfCz9ckuzG2SODF95WB5pvVojK5ziwThcDTE7C6yEBmuEgPMJBScTqeva8dVQWgdr-ZoZc8uHUmcEfGqKN4WDt1ah_iRullFYn8uuB6DDgKL0jeIy8jaE7M6b131F-c4ze-4BU2zDxK5raPvMSaP3sLnn_Hyy9P-WAfN8crEwC49jcex7izqgSW3lyO-fwVKb-xoyjQS224t3tcOya2vWm0ACHxHw1RitcBDoPiRz-eHkIOLnl9sqSGGDKmvpO5Vi4gBM85APoKcz6gGadv7ohcxaDf1DHDQOu0DphLoDXL3h_LH7xgH&sig=Cg0ArKJSzJ2MPAXvLRUMEAE&urlfix=1&adurl=
Frame ID: 792DCD0E9761DA35CC0B93BF72A98067
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5D6526BB33398370F7C7FD93F0CDC55C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E77C91037527D535255E38EE0683DD6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Frame ID: 68FD6D711D73EA21AFB3FA0F36D38ACF
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B56482E64B8BEBDE84B66D2FC7AEA1ED
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A68C9C19E2E6F0300959625A79C4E88E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 198C664DD2834D57E1DB91140935DFFB
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: BF7F7765E410F78E933E8D2222C1C902
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 220B948A80C7F507AB113E6520AE69D9
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5856829E355061030E96819DAD19D858
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: CA94F0E73425B2BD26005124FED7635F
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: A7F9A7D29A1A08139A750F20E595E5C7
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 179BCEC235B23705D2C569D8346179FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FFC2A6061A592272CA22D30DF51C0BB8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F57C693A18A4C5DF038208D4833DFFDF
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 61EBC5C4396DCF511D6B26AD0C6FC6F3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C983D2B48081103835797F3EC8CE1E2E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B1C945DE0D1B9840D9DC189C575E538F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 02120436E3367574ECDEADB595C5052D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 77D61F07CDC6A19674DB690A88594E40
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Frame ID: B0BCD90201D11B20E4828BA5AA283EF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 4E2497DA99E1916B711C36AFF2F8FFBE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Frame ID: 0BEDC5CC14AA8FF93CED069BEA3C291E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E23549547E78E7284CA09AB23E56870C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 141FE653FACE1A0546740CCDDB904F31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
Frame ID: CF44D02BF66AB4CF270A684D31FB16DC
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F81B55B8C5E15E7337D64A28249E40E3
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 56674B3A73140AC01534702D45BF15AC
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 71E789DD66B836F6599185A0ADF9A631
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
Frame ID: 17927DD6BF3447FF081C4B4572D16083
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
Frame ID: 5817D34B96F1691136FE1FA5E3A106F4
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 396087F7D3DD63678C91D3E738BD9B29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
Frame ID: 30A06E0C4A1B6555850C73F4E744F543
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Frame ID: 2398B9828B669690906990313693DCA3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 8EED715FB220E63BCB676E882AA4F201
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Frame ID: 4625A9C7F383A9A99D57CEB62D86BB20
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 27D4362FFD517653A379E94C87EA875C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 838053B9B99B04F64991128E663E794F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
Frame ID: 2261026A0E3051BC935507C4990E3CBF
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: FBD2198CAF0A3F5796B872E34F604DF7
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4D21EA95727758131E4AF78A4B20903A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: C736769D1B86E00E7FDB720D88BEE2E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
Frame ID: AB10BAACBF9C224A5A4763F9F186D27C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
Frame ID: 3B542851DE0E4B89070741853CDB7B6C
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 56F50520E91FFB4DD985B25ABA9A70B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0
Frame ID: E805F7C009630E129DB4AC4CC90C9B48
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=60d5997ba3e55.agencecw.com
Frame ID: 41426C8FC8C99CDC339FED89A45ECAA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F41BA4D012030A8A2CCBDE8496DA5AEF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A6E681250A75532747BBD22DE996F1B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ggermpir.agencecw.com/2406/smwqyelai/3 HTTP 302
    http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

426
Requests

99 %
HTTPS

29 %
IPv6

81
Domains

122
Subdomains

81
IPs

12
Countries

3904 kB
Transfer

11946 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ggermpir.agencecw.com/2406/smwqyelai/3 HTTP 302
    http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ryC24HxhSjhDcFVGNHA0dW1PMzBrYmRpZC82cmlrQ2JsWEg4Sk93allqUThpNFNUQjJQa0pldGVXYU1DbExMUjhrZC8vckloc1MxN2twN2g0b2I2bkxNRW4wUFc3TEhwYUw3eUp0YWlnNG9Md3JIS0Q3WG5UYlZvYmZLbWQ0d2tHOWFuZS9KTURLRE93ZUloTlkwMTVYSTVMYnFTNXBlQytsbDB0QmJQd2FSV2pUUnljajZPbkFpcnJ0dTdaZ1hybUlkRG1ha0Z2cElmSjJoZ3c0SEp4U04zcEhlVU5lcWtKVjkrYS85M0tEbnBFc1NJV2RFSVFQajFkOGdOYzl6d2tMY2hVfA&cppv=2
Request Chain 76
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=gJnVYKflCKGS7_UPw8uSqAw&sscte=1&crd=&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpUPq_ewtSiF_4-5U2x7JoGEN4UMXK4JFSc HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gJnVYKflCKGS7_UPw8uSqAw&cid=CAQSKQCNIrLM4R2Tkq7gxSmh9mkQ-PGG8a3VjKNPiJMcHO8D-m6PqbyMEMOF&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpX-uX8CgPd_ZhcDUDp_NplVAqsIrnME5Z0&random=4006128589&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gJnVYKflCKGS7_UPw8uSqAw&cid=CAQSKQCNIrLM4R2Tkq7gxSmh9mkQ-PGG8a3VjKNPiJMcHO8D-m6PqbyMEMOF&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpX-uX8CgPd_ZhcDUDp_NplVAqsIrnME5Z0&random=4006128589&resp=GooglemKTybQhCsO&ipr=y
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F
Request Chain 85
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1624611201603 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1624611201603 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=1365133449731120450&type=cookie&itmcb=1624611201603
Request Chain 186
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
Request Chain 187
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
Request Chain 189
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
Request Chain 190
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESTJrN0Jxek1BQURYWDhTUDNHQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 191
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iqk4Qp9bRrK0PaNMFOkFXQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 193
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=240f60d5-9983-4500-926e-5213c740597c
Request Chain 194
  • https://pixel.onaudience.com/?partner=214&mapped=8AA93842-9F5B-46B2-B43D-A34C14E9055D HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=381594da0a9b19407621022a245453fb HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c601e152224366bf4b9b6d714f9b2890
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFBOTM4NDItOUY1Qi00NkIyLUI0M0QtQTM0QzE0RTkwNTVE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJXQ-RaOoA5zUGhkMgIhdlo&google_cver=1
Request Chain 198
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8448165717988194763
Request Chain 199
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:898060d5-9983-4500-9be7-780fed79589f&gdpr=0&gdpr_consent=
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b50b0e03-a618-46c2-8179-2f76f1e7dc04
Request Chain 201
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1365133449731120450&gdpr=0&gdpr_consent=
Request Chain 203
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sF.tRX1E2uUNp04pQwg27dp9mOlJ2tg-~A&gdpr=0&gdpr_consent=
Request Chain 204
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H
Request Chain 205
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNWZgwAB5PXnMQBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWZgwAB5PXnMQBg&gdpr=0&gdpr_consent=&_test=YNWZgwAB5PXnMQBg
Request Chain 206
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6e991faf-94c6-4eaa-ab2c-f6e95c51c3b5&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7f05d68-bbd4-4fac-bea0-6336ec866104&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 207
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7834068029299504277&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 208
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fbe0540-caaa-40be-a04f-e186d27209a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 272
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a36160d5-9983-4500-be69-7a2346643360
Request Chain 273
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54c060d5-9983-4100-b8c6-b51672bf7355
Request Chain 279
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Request Chain 280
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Request Chain 284
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ef5260d5-9984-4a00-8d72-1751966c7da4
Request Chain 285
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Request Chain 290
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Request Chain 291
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Request Chain 292
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Request Chain 304
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Request Chain 307
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Request Chain 308
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3c3f659a-83f5-450f-ab5d-2c15cabac580
Request Chain 309
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33170d48-556e-4121-bb53-7baf24b74e0f&expiration=1656147205
Request Chain 310
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=588035168856
Request Chain 311
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7834068029299504277
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Request Chain 316
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Request Chain 317
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627203204
Request Chain 318
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1e8f6c21-df3b-48d1-8371-c938be7a280f&expiration=1656147205
Request Chain 319
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1365133449731120450
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Request Chain 324
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Request Chain 325
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Request Chain 327
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8448165717988194763&expiration=1625820804
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Request Chain 332
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Request Chain 335
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0664220405763d2fed18bf55&expiration=[EXPIRATION]
Request Chain 337
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5&C=1
Request Chain 358
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3078780033 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b50b0e03-a618-46c2-8179-2f76f1e7dc04 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-406f152d-24b3-43e9-b195-bcf5c228df9a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Request Chain 360
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Request Chain 362
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 363
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
Request Chain 365
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 366
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 367
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
Request Chain 368
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
Request Chain 370
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
Request Chain 371
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
Request Chain 372
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 374
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 375
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 376
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8575637080926618165
Request Chain 377
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_baff0a61-ae33-491e-a781-4ae151d2e65a
Request Chain 378
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd7314e-d592-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Request Chain 379
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
Request Chain 380
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 382
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 383
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 384
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7769377880 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b50b0e03-a618-46c2-8179-2f76f1e7dc04 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-406f152d-24b3-43e9-b195-bcf5c228df9a-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Request Chain 386
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Request Chain 388
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3424024376081677699
Request Chain 389
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4935f4b0-f926-4d03-96ef-2a032997491d
Request Chain 390
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 391
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
Request Chain 393
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 394
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 395
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
Request Chain 396
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd730de-d592-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Request Chain 397
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
Request Chain 399
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0

426 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 317-smwqyelai.htm
60d5997ba3e55.agencecw.com/ju2406/
Redirect Chain
  • http://ggermpir.agencecw.com/2406/smwqyelai/3
  • http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
HTTP/1.1
Server
149.28.140.151 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.140.151.vultr.com
Software
nginx /
Resource Hash
d26dc8e0f543117e511d18da787e445453354869441f45adc469d2b010312427

Request headers

Host
60d5997ba3e55.agencecw.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-116306602-2
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
537c97664a51cbfbb940448f6ada0b58840246b4d4f8a16e14f04c869ffc408c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://60d5997ba3e55.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36368
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Jun 2021 08:53:16 GMT
/
www.sanook.com/news/8357734/ Frame 3D06 		210 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/news/8357734/
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
c4dbc7c38fc0967b356d85f9d27649310a42ef71a56aef86f85a049866df5cac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://60d5997ba3e55.agencecw.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://60d5997ba3e55.agencecw.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:18 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
MISS
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
exp_readpage_desktop_notset
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116306602-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://60d5997ba3e55.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4388
date
Fri, 25 Jun 2021 07:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 09:40:08 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1354876950&t=pageview&_s=1&dl=http%3A%2F%2F60d5997ba3e55.agencecw.com%2Fju2406%2F317-smwqyelai.htm&ul=en-us&de=UTF-8&dt=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1354793493&gjid=2009019119&cid=1565823792.1624611196&tid=UA-116306602-2&_gid=116813172.1624611196&_r=1&gtm=2ou6n0&z=2078126983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://60d5997ba3e55.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://60d5997ba3e55.agencecw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.4af493dc.chunk.css
s.isanook.com/sr/0/_next/static/css/ Frame 3D06 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.4af493dc.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
35704
server
Lego Server
age
0
etag
W/"60d3ff34-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
10926467289668718353
accept-ranges
bytes
content-length
7314
expires
Sat, 24 Jul 2021 04:25:29 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ Frame 3D06 		890 B
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
90a95aaeeb4c8775d61af89ad2406ae6fac8ecf3ec8869b19444091e0121e7f4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:05:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
1087
server
Lego Server
age
158670
etag
W/"PSA-aj-4QLQD9QhaX"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11455857028698195623
accept-ranges
bytes
content-length
457
expires
Fri, 16 Jul 2021 08:51:08 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 3D06 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Jun 2021 08:53:19 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ Frame 3D06 		375 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13558345479273519097
accept-ranges
bytes
content-length
266
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ Frame 3D06 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
x-cache-lookup
Cache Hit
server
Lego Server
etag
"4d5107cb-2b"
content-type
image/gif
x-nws-log-uuid
18403525873682547624
accept-ranges
bytes
content-length
43
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 3D06 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9b432db8bfed4434ed2682bd0a4e16e01c8193f670a8de52fc5284f32cd9df90

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 02:06:12 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9818671367747284319
accept-ranges
bytes
content-length
63349
expires
Mon, 19 Jul 2021 02:06:12 GMT
s-regional.png
s.isanook.com/ns/0/uc/1/6213/ Frame 3D06 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/uc/1/6213/s-regional.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ff3cb347449e2b4f63248f760ab9245d33bf3c84fa0492b477a9109736677b66

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:10:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 12 Dec 2019 06:44:29 GMT
server
Lego Server
age
0
etag
"5df1e1cd-ccb"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
302025688754012918
accept-ranges
bytes
content-length
3275
expires
Sun, 18 Jul 2021 04:10:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTUuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 3D06 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ddf9964d79fd304f55f0253cb9c7f2def776ff9fe5c47d91cb9ea1f3c9aeedb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:41:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10907802505787031706
accept-ranges
bytes
content-length
58097
expires
Sun, 18 Jul 2021 16:41:36 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTQuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 3D06 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTQuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fbdc27db510ab0461c8e635479fbd6408d40104c5ecbac79b3154b4db5596f97

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:41:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18099216482297304134
accept-ranges
bytes
content-length
81520
expires
Sun, 18 Jul 2021 16:41:36 GMT
covid19-banner2.png
s.isanook.com/sr/0/images/event-banner/2020/covid19/ Frame 3D06 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/event-banner/2020/covid19/covid19-banner2.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31384c40690287283e6448a7c83fc24cb1c39917a5a07c6a8c1c211e0f6400b6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:02:48 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 16 Jun 2021 05:00:05 GMT
server
Lego Server
age
0
etag
"60c98555-57eb"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
491309295425036592
accept-ranges
bytes
content-length
22507
expires
Fri, 16 Jul 2021 13:02:48 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMjcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMTIuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 3D06 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMjcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMTIuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
feb5d4ffbb0918d3533b174265720e1a1beeb2c456ecc6c29635540a9b30923b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:12:11 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13355194324867255713
accept-ranges
bytes
content-length
16401
expires
Fri, 23 Jul 2021 06:12:11 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwODU0L2xvc3QuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 3D06 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwODU0L2xvc3QuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
44eb0ac8bcd9b192518b53eaad09c84e4c0f1f674c7c4bfac85db1a546ea3997

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 11:35:21 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8688299174465743776
accept-ranges
bytes
content-length
11313
expires
Thu, 22 Jul 2021 11:35:21 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwOTk4L2dvbGQuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 3D06 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwOTk4L2dvbGQuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0801c6f675417d682c3909e0ed2a9bd69f47a4f1c9f1e2eb02719f9a6f4e2d21

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:40:44 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17716656095035579177
accept-ranges
bytes
content-length
12260
expires
Thu, 22 Jul 2021 15:40:44 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMDAyL2NtLWxwLWV4cGxvZGVzLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 3D06 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMDAyL2NtLWxwLWV4cGxvZGVzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
da489dcc3cf9cb444da375b154b709dc4bbc4134719f8c0c496f9a7effd59a4b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:41:13 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7561629729057796440
accept-ranges
bytes
content-length
25511
expires
Thu, 22 Jul 2021 15:41:13 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwMDM0L3NvbGFyLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 3D06 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwMDM0L3NvbGFyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
11e04bf0bddbdb5544b6d570c7cfb466a8b91931f25032d7fa4ccd3b180d99ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 07:36:01 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17366402733073618256
accept-ranges
bytes
content-length
20532
expires
Wed, 21 Jul 2021 07:36:01 GMT
entry.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 3D06 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/entry.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bcd44db972bcd70526a04c7459652d82e65c6aee369ec728143be6053667d57a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-e37e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9022568909827143399
accept-ranges
bytes
content-length
12927
expires
Sat, 24 Jul 2021 05:02:18 GMT
_app.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/ Frame 3D06 		329 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e6701152297ff536bf907a6566cace758ec7dc842dad945a8a6b56ae0e7d6a3d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:19 GMT
server
Lego Server
age
0
etag
W/"60d40e57-525c7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11561145286413799435
accept-ranges
bytes
content-length
72524
expires
Sat, 24 Jul 2021 05:02:18 GMT
4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15842287676518439113
accept-ranges
bytes
content-length
8443
expires
Sat, 24 Jul 2021 05:02:18 GMT
4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
18279933488623976841
accept-ranges
bytes
content-length
5530
expires
Sat, 24 Jul 2021 05:02:18 GMT
c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		887 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bcea6ed2b03d8890a03a4e1bbb57c2237e75af15fff58f56b9ffb5bdfef0ca4e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
908753
server
Lego Server
age
0
etag
W/"60d3ff34-dddd1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
17880013921100653660
accept-ranges
bytes
content-length
230783
expires
Sat, 24 Jul 2021 04:25:29 GMT
cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13b0e40192eec4b88d7eb7f14d3b9579febb47b211bd1a0a336a34b3b6c30383

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-31cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13643873769822475113
accept-ranges
bytes
content-length
3794
expires
Sat, 24 Jul 2021 05:02:18 GMT
45.2b59ad9dee77e82b3de2.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		288 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/45.2b59ad9dee77e82b3de2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
785143cb8b94b7496c35f5bb2dd6dc7fd7ead6b1abe88379eaf2d40542cb857a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-47fda"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7677421273274127077
accept-ranges
bytes
content-length
63179
expires
Sat, 24 Jul 2021 05:02:18 GMT
webpack-d5c9dfd90ff5a41796bb.js
s.isanook.com/sr/0/_next/static/runtime/ Frame 3D06 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f1f031acac4bb260679ca40ced78634aca191a4b7afd0ddaa4a1c108324c3749

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:19 GMT
server
Lego Server
age
0
etag
W/"60d40e57-19f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1651134419953145366
accept-ranges
bytes
content-length
2990
expires
Sat, 24 Jul 2021 05:02:18 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:50:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
139444
server
Lego Server
age
80250
etag
W/"60c9853e-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9953843693835837229
accept-ranges
bytes
content-length
44575
expires
Fri, 16 Jul 2021 08:50:58 GMT
3e73cab0a5995742bc81198d6fa3dd73e45fe44f.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3e73cab0a5995742bc81198d6fa3dd73e45fe44f.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8073374875420489468
accept-ranges
bytes
content-length
2469
expires
Sat, 24 Jul 2021 05:02:18 GMT
4f979d79030e16e7d6bf322f16e2f112703e22b9.3b72f283b635eb4eacd3.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4f979d79030e16e7d6bf322f16e2f112703e22b9.3b72f283b635eb4eacd3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14004701368723756683
accept-ranges
bytes
content-length
2559
expires
Sat, 24 Jul 2021 05:02:18 GMT
ce01e3e9f624d98567b3e71b67bbded70e4c64bf.f848520e63915f6f252c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ce01e3e9f624d98567b3e71b67bbded70e4c64bf.f848520e63915f6f252c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11434534227858333482
accept-ranges
bytes
content-length
4839
expires
Sat, 24 Jul 2021 05:02:18 GMT
8750a08f0d4ebb74088edc9e7844f0c072730000.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8750a08f0d4ebb74088edc9e7844f0c072730000.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16667433145958470110
accept-ranges
bytes
content-length
18431
expires
Sat, 24 Jul 2021 05:02:18 GMT
020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		150 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2565e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16495086616859061938
accept-ranges
bytes
content-length
47008
expires
Sat, 24 Jul 2021 05:02:18 GMT
ddadccd2333fc79290d41c406d37cb847fa367b0.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ddadccd2333fc79290d41c406d37cb847fa367b0.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8441114206433419255
accept-ranges
bytes
content-length
14572
expires
Sat, 24 Jul 2021 05:02:18 GMT
47699be2e4d418e3e492b5757642b6c2e49aa1d0.af027d836b2282fda407.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/47699be2e4d418e3e492b5757642b6c2e49aa1d0.af027d836b2282fda407.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-9da8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14504227452877239893
accept-ranges
bytes
content-length
12714
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dbd6cfa95614762cde1d76cbf5153a5138ea291.2ecb9e18e02fabaac6c7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dbd6cfa95614762cde1d76cbf5153a5138ea291.2ecb9e18e02fabaac6c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-f905"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17748075257170166094
accept-ranges
bytes
content-length
19637
expires
Sat, 24 Jul 2021 05:02:18 GMT
e0ed27ea0e574000c9c2318a9529e3b9840af08b.382fdcde5dce3d9a8309.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e0ed27ea0e574000c9c2318a9529e3b9840af08b.382fdcde5dce3d9a8309.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
664186e51f08ee452a19dc92c51b65fe47486c738197bc5f4d6b415e37be0183

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-49e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16837609714034888744
accept-ranges
bytes
content-length
6105
expires
Sat, 24 Jul 2021 05:02:18 GMT
0742e903ef85e35372201cd594e2f86bf0d7241d.31a6257376141e7ef180.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0742e903ef85e35372201cd594e2f86bf0d7241d.31a6257376141e7ef180.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1c540bf66da12459e01db47dfa07ab5426068b2a30a9d02b0ea9b19e8d68e740

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1244124897014146249
accept-ranges
bytes
content-length
6857
expires
Sat, 24 Jul 2021 05:02:18 GMT
0620bbd55e5ab0e73e47a8c1f4769b7a22c8881a.7ece5cd0dfbe31ce1998.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0620bbd55e5ab0e73e47a8c1f4769b7a22c8881a.7ece5cd0dfbe31ce1998.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f01cd6902463d93f2fdecedf90ee4bdbabd4c41603604ee9db65a9087894301b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13682404782567374789
accept-ranges
bytes
content-length
3452
expires
Sat, 24 Jul 2021 05:02:18 GMT
3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		284 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
58c9b88f5e2cee331d43bac233cc73741a34044f7907a94f9aa7c2325713ef7d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-46fb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13443989349598076187
accept-ranges
bytes
content-length
56469
expires
Sat, 24 Jul 2021 05:02:18 GMT
8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-776e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14097866967825162962
accept-ranges
bytes
content-length
7416
expires
Sat, 24 Jul 2021 05:02:18 GMT
styles.e56987f829e6da55bdfa.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		107 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.e56987f829e6da55bdfa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 07:31:21 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 22 Jan 2021 03:01:20 GMT
server
Lego Server
age
0
etag
"600a4000-6b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10410923168597335587
accept-ranges
bytes
content-length
107
expires
Sat, 17 Jul 2021 07:31:21 GMT
main-792137066069f4bd9ec1.js
s.isanook.com/sr/0/_next/static/runtime/ Frame 3D06 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cd6038c5672792bce93856c78068a09d1f7162f06ec43c7e0675f91c9a6130df

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13391
server
Lego Server
age
0
etag
W/"60d3ff34-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10629992534453470196
accept-ranges
bytes
content-length
4910
expires
Sat, 24 Jul 2021 04:25:29 GMT
9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		251 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cd61d37309df288e285bc59d1c9ec3fc4507ff265b33687d6c445cf10c63642a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17572572300479557146
accept-ranges
bytes
content-length
26021
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5838323543162950481
accept-ranges
bytes
content-length
5447
expires
Sat, 24 Jul 2021 05:02:18 GMT
0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a4f13295a972f241e42e7c7d4c287c890a03b15d6d5e502dbc37496f165adaeb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9936385878477136252
accept-ranges
bytes
content-length
4708
expires
Sat, 24 Jul 2021 05:02:19 GMT
2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2904450133156904375
accept-ranges
bytes
content-length
3936
expires
Sat, 24 Jul 2021 05:02:18 GMT
dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		212 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6787832235672793379
accept-ranges
bytes
content-length
48376
expires
Sat, 24 Jul 2021 05:02:18 GMT
05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14455263683784376957
accept-ranges
bytes
content-length
3643
expires
Sat, 24 Jul 2021 05:02:18 GMT
8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:44:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12576794375198901663
accept-ranges
bytes
content-length
2659
expires
Sat, 24 Jul 2021 05:44:15 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/ Frame 3D06 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a72de38880d82bc98ab7aecee4d7398a16b468b92f50e946a33c897a5e39b0c4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5502903859058493907
accept-ranges
bytes
content-length
1855
expires
Sat, 24 Jul 2021 05:02:18 GMT
oppa.js
p3.isanook.com/sh/0/js/ Frame 3D06 		537 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11449741234655838465
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
s.isanook.com/sr/0/js/izooto/ Frame 3D06 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d31f3d46db0cb1cbe85a8028e04fb2e689280f80410523589f193555e3e65552

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:31:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
age
3673
ntcoent-length
122756
content-length
38834
last-modified
Fri, 18 Jun 2021 02:22:02 GMT
server
Lego Server
etag
"60cc034a-1df84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11675932058365573485
accept-ranges
bytes
expires
Thu, 22 Jul 2021 09:31:56 GMT
gtm.js
www.googletagmanager.com/ Frame 3D06 		134 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df6f6e86d22f45d198ecf2035b48db1518882150d31f078b781f7cd19f3a1707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43191
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Jun 2021 08:53:19 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ Frame 3D06 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.110 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:19 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz
Last-Modified
Thu, 17 Jun 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-NWS-LOG-UUID
583a09e2-4637-4128-b701-1c3c8ccf1f90
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2946
Expires
Fri, 02 Jul 2021 08:53:19 GMT
a102.js
sal.isanook.com/js/ Frame 3D06 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
24035
date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
last-modified
Mon, 10 Aug 2020 09:23:14 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10300
expires
Sun, 25 Jul 2021 08:53:20 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 3D06 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24631
x-xss-protection
0
pragma
public
x-fb-debug
/XmZQFgQNiqWpz+ImN264f42nri6DbFeCBmkduKF0NjK2tFpX66457DML5cVKiEu799+lQBAXX5PeD826ds8xg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 25 Jun 2021 08:53:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ Frame 3D06 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:12 GMT
server
Lego Server
age
25652
etag
W/"60c9855c-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
13972236157902865591
accept-ranges
bytes
content-length
5683
expires
Fri, 16 Jul 2021 08:52:31 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ Frame 3D06 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 07:19:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 14:46:49 GMT
server
Lego Server
age
0
etag
W/"60d49ad9-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6373727061479496773
accept-ranges
bytes
content-length
4410
expires
Sun, 25 Jul 2021 07:19:51 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ Frame 3D06 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:49 GMT
server
Lego Server
age
186930
etag
"60c98545-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
9441732175814589046
accept-ranges
bytes
content-length
34924
expires
Fri, 16 Jul 2021 08:52:28 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ Frame 3D06 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 05:29:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:50 GMT
server
Lego Server
age
172369
etag
"60cc033e-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
10985935393957651538
accept-ranges
bytes
content-length
31376
expires
Tue, 20 Jul 2021 05:29:13 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ Frame 3D06 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:58:37 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:50 GMT
server
Lego Server
age
142952
etag
"60cc033e-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
16325565563517265030
accept-ranges
bytes
content-length
32244
expires
Thu, 22 Jul 2021 18:58:37 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ Frame 3D06 		2 MB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:13:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1896b8-5c44bd063c1a9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=167633
accept-ranges
bytes
content-type
text/javascript
content-length
198970
expires
Sun, 27 Jun 2021 07:27:12 GMT
analytics.js
www.google-analytics.com/ Frame 3D06 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4391
date
Fri, 25 Jun 2021 07:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 09:40:08 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 3D06 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
server
cafe
etag
1690124483490796579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 08:53:19 GMT
1489944661112333
connect.facebook.net/signals/config/ Frame 3D06 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84e997d846f0b228470dd7db80106fee6ccb015c7d915d16cac9deb5cf5f15d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75660
x-xss-protection
0
pragma
public
x-fb-debug
8aunVoNA8W2ENVMB+nIOS6y+qj4JVcsQlNkL8Eb2Comz3eQPCI4a8jpDBkycZWAscqSsdovrH3MhSFDafYuh1g==
x-frame-options
DENY
date
Fri, 25 Jun 2021 08:53:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ Frame 3D06 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=1908966533.1624611200
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e32dc815b113b4d99c0e1fc93c8ab31b3ad2af90d84a255eb6ce01333bacdac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37012
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:19 GMT
/
www.facebook.com/tr/ Frame 3D06 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&rl=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&if=true&ts=1624611199877&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&it=1624611199840&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 25 Jun 2021 08:53:19 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ Frame 3D06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1624611200037&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a8868c27fa14b037ce768c9458d714d87a5f641e0ec01b6f1c2784ff72e58361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ Frame 3D06 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1624611200043&cv=9&fst=1624611200043&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2e6255eb271b2bf928a1e042dce115c78cbd55a8c9c546c8ea1812f2177bb92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1564
date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3D06
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=ryC24HxhSjhDcFVGNHA0dW1PMzBrYmRpZC82cmlrQ2JsWEg4Sk93allqUThpNFNUQjJQa0pldGVXYU1DbExMUjhrZC8vckloc1MxN2twN2g0b2I2bkxNRW4wUFc3TEhwYUw3eUp0YWlnNG9Md3JIS0Q3WG5UYlZvYmZLbW...
344 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ryC24HxhSjhDcFVGNHA0dW1PMzBrYmRpZC82cmlrQ2JsWEg4Sk93allqUThpNFNUQjJQa0pldGVXYU1DbExMUjhrZC8vckloc1MxN2twN2g0b2I2bkxNRW4wUFc3TEhwYUw3eUp0YWlnNG9Md3JIS0Q3WG5UYlZvYmZLbWQ0d2tHOWFuZS9KTURLRE93ZUloTlkwMTVYSTVMYnFTNXBlQytsbDB0QmJQd2FSV2pUUnljajZPbkFpcnJ0dTdaZ1hybUlkRG1ha0Z2cElmSjJoZ3c0SEp4U04zcEhlVU5lcWtKVjkrYS85M0tEbnBFc1NJV2RFSVFQajFkOGdOYzl6d2tMY2hVfA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3413546cd73157275f8157c72a5e215f214db5b1246275e31ee23b01bddd5d9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 25 Jun 2021 08:53:19 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1708
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 25 Jun 2021 08:53:19 GMT
location
https://mug.criteo.com/sid?cpp=ryC24HxhSjhDcFVGNHA0dW1PMzBrYmRpZC82cmlrQ2JsWEg4Sk93allqUThpNFNUQjJQa0pldGVXYU1DbExMUjhrZC8vckloc1MxN2twN2g0b2I2bkxNRW4wUFc3TEhwYUw3eUp0YWlnNG9Md3JIS0Q3WG5UYlZvYmZLbWQ0d2tHOWFuZS9KTURLRE93ZUloTlkwMTVYSTVMYnFTNXBlQytsbDB0QmJQd2FSV2pUUnljajZPbkFpcnJ0dTdaZ1hybUlkRG1ha0Z2cElmSjJoZ3c0SEp4U04zcEhlVU5lcWtKVjkrYS85M0tEbnBFc1NJV2RFSVFQajFkOGdOYzl6d2tMY2hVfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1843
content-length
509
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame 3D06 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d00eb57cae504dd662f2c938bb454085ab0a357b4fbd032ca54a6e9579825df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"912 / 806 of 1000 / last-modified: 1624572544"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23739
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:20 GMT
/
www.google.com/pagead/1p-user-list/408516141/ Frame 3D06 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1624611200043&cv=9&fst=1624608000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&async=1&fmt=3&is_vtc=1&random=2775149167&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ Frame 3D06 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1624611200043&cv=9&fst=1624608000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&async=1&fmt=3&is_vtc=1&random=2775149167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021062205.js
securepubads.g.doubleclick.net/gpt/ Frame 3D06 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:13:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116215
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:20 GMT
/
www.google.de/pagead/1p-conversion/1007499765/ Frame 3D06
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=16...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gJnVYKflCKGS7_UPw8uSqAw&cid=CAQSKQCNIrLM4R2Tkq7gxSmh9mkQ-PGG8a3VjKNPiJMcHO8D-m6PqbyMEMOF&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpX-uX8CgPd_ZhcDUDp_NplVAqsIrnME5Z0&random=4006128589&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=1128406459&cv=9&fst=1624611200037&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=gJnVYKflCKGS7_UPw8uSqAw&cid=CAQSKQCNIrLM4R2Tkq7gxSmh9mkQ-PGG8a3VjKNPiJMcHO8D-m6PqbyMEMOF&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpX-uX8CgPd_ZhcDUDp_NplVAqsIrnME5Z0&random=4006128589&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ryC24HxhSjhDcFVGNHA0dW1PMzBrYmRpZC82cmlrQ2JsWEg4Sk93allqUThpNFNUQjJQa0pldGVXYU1DbExMUjhrZC8vckloc1MxN2twN2g0b2I2bkxNRW4wUFc3TEhwYUw3eUp0YWlnNG9Md3JIS0Q3WG5UYlZvYmZLbWQ0d2tHOWFuZS9KTURLRE93ZUloTlkwMTVYSTVMYnFTNXBlQytsbDB0QmJQd2FSV2pUUnljajZPbkFpcnJ0dTdaZ1hybUlkRG1ha0Z2cElmSjJoZ3c0SEp4U04zcEhlVU5lcWtKVjkrYS85M0tEbnBFc1NJV2RFSVFQajFkOGdOYzl6d2tMY2hVfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
997
date
Fri, 25 Jun 2021 08:53:19 GMT
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ Frame 3D06 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBPEhO8z92TSfid5Q

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 25 Jun 2021 08:53:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
beacon.js
sb.scorecardresearch.com/ Frame 3D06 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-8.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:44:56 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
iVSGxmYbOisJZu8GiBSqFcR8ZeVYKYuDanjQNtCLjkWTpEzHDXBg5g==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ Frame 3D06 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1840150
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Fri, 16 Jul 2021 16:02:30 GMT
b2
sb.scorecardresearch.com/ Frame 3D06
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-8.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:20 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
tYaizAtIfOojZso3KsMTqNj9qy9dVknjG-m3EGEAz0A3ubBG6GAg9A==

Redirect headers

date
Fri, 25 Jun 2021 08:53:20 GMT
via
1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611200758&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F
content-length
978
x-amz-cf-id
WwFTFNhuo-ORgFqU-pDfRRtA9-i5wwqrphBj7wZC_YLJbcsfuGD-pg==
dc.js
avd.innity.net/lib/ Frame 3D06 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1830031
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Fri, 16 Jul 2021 13:13:51 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ Frame 3D06 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1771845
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Thu, 15 Jul 2021 21:04:05 GMT
/
avd.innity.com/dc/cb/ Frame 3D06 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
2f82babb182ca4232866bdf3a78abf7552bff9406e77460e119225662691b615

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 08:53:21 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/ Frame 3D06
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1624611201603
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1624611201603
  • https://avd.innity.com/sync/?partner=appnexus&token=1365133449731120450&type=cookie&itmcb=1624611201603
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=1365133449731120450&type=cookie&itmcb=1624611201603
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:21 GMT
Last-Modified
Fri, 25 Jun 2021 08:53:21 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:21 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f6081963-0280-4e9b-8f3f-c5f208ceb3f1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=1365133449731120450&type=cookie&itmcb=1624611201603
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ Frame 3D06 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=1920e0a87539ae60e68f1636161de69d&type=cookie&itmcb=1624611201603
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:21 GMT
Last-Modified
Fri, 25 Jun 2021 08:53:21 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/ Frame 3D06 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 03:23:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7115
server
Lego Server
age
25900
etag
W/"60d31b7a-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
1751563063952317565
accept-ranges
bytes
content-length
1665
expires
Sat, 24 Jul 2021 03:23:28 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame AB76 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
db3d7a459ef00d57d831d6413327f4dcf6e4d5e236b536c820b6e28c515d653a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
cdn.izooto.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
nginx
Content-Type
text/html
Last-Modified
Tue, 11 Feb 2020 13:01:43 GMT
ETag
"5e42a5b7-7b8"
X-XSS-Protection
1; mode=block
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=2592000
Expires
Sun, 25 Jul 2021 08:53:21 GMT
Date
Fri, 25 Jun 2021 08:53:21 GMT
Content-Length
813
Connection
keep-alive
Akamai-Cache-Status
Hit from child
d65816b2.94c409eda074d64b8cba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d65816b2.94c409eda074d64b8cba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
14f06f756f4875d5b442a5d0420ffbea7e6fdad87b02304d460fb9b82f87adac

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 01:04:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 04 Jun 2021 06:09:33 GMT
server
Lego Server
age
0
etag
W/"60b9c39d-109b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5753079568548137699
accept-ranges
bytes
content-length
22708
expires
Sat, 17 Jul 2021 01:04:03 GMT
617.json
id5-sync.com/g/v2/ Frame 3D06 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.87 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p19.id5-sync.com
Software
/
Resource Hash
9decef39ccc841e8b992f0140cb2f298d87f9ccf35a58f809b4c3eadbb0791f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Fri, 25 Jun 2021 08:53:21 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 3D06 		77 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4758901020246457149c6ef9bae2075bf8df960885cd0e20757dcdcccf7726b5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.10.23
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 3D06 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
fae676bfac0f06f3d0c8ff2bc5d6c6828bcfcec7de3921afbd469f2d4db89e07

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 25 Jul 2021 08:53:22 GMT
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		376 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 06:56:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:46 GMT
server
Lego Server
age
1
etag
W/"60cc033a-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12578957051575711811
accept-ranges
bytes
content-length
108222
expires
Thu, 22 Jul 2021 06:56:47 GMT
a7e7d9dd.55546d0227557c116e7d.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		276 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.55546d0227557c116e7d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 05:27:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 04 Jun 2021 04:56:31 GMT
server
Lego Server
age
0
etag
W/"60b9b27f-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15222034369884119384
accept-ranges
bytes
content-length
68517
expires
Sun, 18 Jul 2021 05:27:01 GMT
JooxPlayer.3ca5368302a2b09a4445.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.3ca5368302a2b09a4445.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
34249dfa77ab32bd7186413cca8cd9ab6f8a4380a70ca430239a5e8621a27953

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 03:42:44 GMT
server
Lego Server
age
16
etag
W/"60d3ff34-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1576731358251286179
accept-ranges
bytes
content-length
90369
expires
Sat, 24 Jul 2021 04:25:30 GMT
30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.bd6fdb00664cc180299c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		411 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.bd6fdb00664cc180299c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4675e01e3e468eea89ea62ddb668821c8fc9848d0abe5d2078ddb95ab45d638c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
420519
server
Lego Server
age
0
etag
W/"60d3ff34-66aa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15504222031734296783
accept-ranges
bytes
content-length
110828
expires
Sat, 24 Jul 2021 04:25:30 GMT
50.9605fcfae5d1a697ac9f.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/50.9605fcfae5d1a697ac9f.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
526d1b11c53bff7776c18ae3e260c072c0ad424084a337290914af5ac0facc1f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
1446
server
Lego Server
age
0
etag
W/"60d3ff34-5a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
865757333520186985
accept-ranges
bytes
content-length
662
expires
Sat, 24 Jul 2021 04:25:30 GMT
128.f858d814d24f4f8c70c2.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/128.f858d814d24f4f8c70c2.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f6fd0df45e5f312d62a1a3577dc328cfd9b9965789e5696be957de878af76b3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:43:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
12694
server
Lego Server
age
51970
etag
"60d40e56-3196"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
11564340691131823712
accept-ranges
bytes
content-length
2532
expires
Sat, 24 Jul 2021 05:43:14 GMT
set
appx.sanook.com/counter/ Frame 3D06 		44 B
114 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appx.sanook.com/counter/set?site_name=news&entry_id=8357734&t=1624611202943&callback=jsonp_1624611202337_94299
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.93.197 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-197.static.asianet.co.th
Software
nginx /
Resource Hash
ea2c39081b8ee3bcfb96a359e5098a8a87e8c5e372c0e0be56d0bbb8b77a2089

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
content-type
application/javascript
responsive-voice-1.0.3.min.js
s.isanook.com/sr/0/js/voice/ Frame 3D06 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 22:10:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:13 GMT
server
Lego Server
age
0
etag
W/"60c9855d-16928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4750085188180575327
accept-ranges
bytes
content-length
23390
expires
Fri, 16 Jul 2021 22:10:06 GMT
/
graph.facebook.com/ Frame 3D06 		202 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004037114
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
NryHwOHmNPPT8MfurlSy39KphK7aEHLIcRAYmcVc4IojdRYikL1XlrxElmE0eukwkt+tg6dK8PyxCCopTRx/+w==
x-fb-trace-id
HMS1p4aUnDj
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Aa6PhYBsoeDqsl9vBjm9uXK
cache-control
no-store
facebook-api-version
v3.3
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame 3D06 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9997bd928ce8f9daff4c395014eb0b69511237ae1534f2030ef4c03bb63ad082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3T3Rl4KxkElVBE/Pkphxtg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
8QRKE6Hi0A4ccdqT85EUhCH2is2lNP56GXttZnRkCo9mi9m6qVpUQx3dofldg1j2K8h62LnePWVjEzVnWUh3jg==
x-fb-content-md5
fba9d15ed3d7bff45299960d2897aeb4
x-frame-options
DENY
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d38fc1976784d566f67c8f6372e2a810"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 25 Jun 2021 08:55:16 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 954A 		236 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Fri, 25 Jun 2021 08:52:06 GMT
x-page-speed
1.13.35.2-0
cache-control
no-cache, max-age=0
age
75
accept-ranges
bytes
server
Lego Server
x-cache-lookup
Cache Miss Hit From Inner Cluster
content-encoding
gzip
content-length
192
x-nws-log-uuid
4077732500468810683
/
api.u1sf.com/geoip2/code/ Frame 3D06 		154 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1624611202355_28170
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.198 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-198.static.asianet.co.th
Software
/
Resource Hash
3024b701829b174c63206b6573a240f977f723b82d83f91e40ecdd7c031ebf67

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Fri, 25 Jun 2021 08:53:23 GMT
Age
0
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
138.209602ae3c302346a3ce.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/138.209602ae3c302346a3ce.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ffa970c77ba7493f0566a17443539f56200a2bd93781acf82ec0b77cb106e19e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 03:42:44 GMT
server
Lego Server
age
30
etag
W/"60d3ff34-12a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9068032057300842461
accept-ranges
bytes
content-length
1773
expires
Sat, 24 Jul 2021 04:25:30 GMT
48.8c3e0aeee3641a466352.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/48.8c3e0aeee3641a466352.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9f022d21dbd014c80281cb2ad63c5d9590299cdec9e178955cdda4a91bf7adb2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11176
server
Lego Server
age
0
etag
W/"60d3ff34-2ba8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12740128789025128383
accept-ranges
bytes
content-length
1753
expires
Sat, 24 Jul 2021 04:25:31 GMT
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ Frame 3D06 		142 B
351 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13538426
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 06:51:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10678147901643987004
accept-ranges
bytes
content-length
142
expires
Sat, 24 Jul 2021 06:51:31 GMT
cdb
bidder.criteo.com/ Frame 3D06 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=84814382057
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ Frame 3D06 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=93754368873
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ Frame 3D06 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=45703013502
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 3D06 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=20411609869
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
abbreviationv2.min.json
s.isanook.com/sr/0/textToSpeech/ Frame 3D06 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=25062021
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:29:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 14:46:56 GMT
server
Lego Server
age
0
etag
"60d49ae0-38e8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2728985027027705860
accept-ranges
bytes
content-length
2550
expires
Sat, 24 Jul 2021 23:29:02 GMT
widget-sanookcom-news.js
code.th.giraff.io/data/ Frame 3D06 		203 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-sanookcom-news.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3f7e7a2f6a5550346242522fc341b2baa4d93b28a8b7d3b435df2b760e11fa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Jun 2021 12:15:14 GMT
server
cloudflare
age
31
etag
W/"60cb3cd2-32c63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
664cf70f5c70c29f-FRA
cf-request-id
0ae3f8bd930000c29f4825e000000001
expires
Fri, 25 Jun 2021 08:53:51 GMT
c
sal.isanook.com/sa/ Frame 3D06 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=853165030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&dr=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&dp=%2Fnews%2F8357734%2F&ul=en-us&de=UTF-8&dt=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=undefined&tid=SA-8147095-6&cd4=0&cd8=b&z=1649893591
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
server
nginx
content-type
image/gif
cache-control
no-cache, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
35
expires
Thu, 01 Jan 1970 00:00:01 GMT
category.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 3D06 		0
153 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/category.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-a6859"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8296805559945922586
accept-ranges
bytes
content-length
156095
expires
Sat, 24 Jul 2021 05:02:22 GMT
9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8625207563858773066
accept-ranges
bytes
content-length
26021
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16276724291601719902
accept-ranges
bytes
content-length
5447
expires
Sat, 24 Jul 2021 05:02:18 GMT
0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
502210983899038913
accept-ranges
bytes
content-length
4708
expires
Sat, 24 Jul 2021 05:02:19 GMT
2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8513444229575840589
accept-ranges
bytes
content-length
3936
expires
Sat, 24 Jul 2021 05:02:18 GMT
dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16671310754286424968
accept-ranges
bytes
content-length
48376
expires
Sat, 24 Jul 2021 05:02:18 GMT
05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16143022455061941911
accept-ranges
bytes
content-length
3643
expires
Sat, 24 Jul 2021 05:02:18 GMT
4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8750933575741966909
accept-ranges
bytes
content-length
8443
expires
Sat, 24 Jul 2021 05:02:18 GMT
8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:44:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
8683777553299222046
accept-ranges
bytes
content-length
2659
expires
Sat, 24 Jul 2021 05:44:15 GMT
4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2453484144823504522
accept-ranges
bytes
content-length
5530
expires
Sat, 24 Jul 2021 05:02:18 GMT
21f9507b8238fefee9dcfcab7523ee34f0f5da20.4529e8cca0c5a421c4f0.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 3D06 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/21f9507b8238fefee9dcfcab7523ee34f0f5da20.4529e8cca0c5a421c4f0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3540"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10876071415351630969
accept-ranges
bytes
content-length
3450
expires
Sat, 24 Jul 2021 05:02:22 GMT
category.js.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 3D06 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/static/qOvL723Ats_7yRx7dAtrd/pages/common/category.js.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8598125732043392856
accept-ranges
bytes
content-length
1707
expires
Sat, 24 Jul 2021 05:02:22 GMT
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sdk.js
connect.facebook.net/en_US/ Frame 3D06 		251 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e69a3bfa41382501c8f8c7f38ce4861d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3785a4240ab5f25b058e4f35b0e8cf9734533ef8a13652bd2e86158f89a9c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Al7gHjkwY3DJ0mTKL8MWxg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75745
x-fb-rlafr
0
x-fb-debug
EPc0P0bTr4pwe+eTpIITPuHP8B9QFgMeANbSvsekNcwPIp/7IdwHKov+GzvaJqvZbgPrJ3bFbKoxoTzNNyjo+g==
x-fb-content-md5
74ae5da97005197131f1fec6374121d6
x-frame-options
DENY
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"96c35b7e258fde60ede43d8f8d57e8ec"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Jun 2022 08:31:34 GMT
advert.gif
code.th.giraff.io/data/ Frame 3D06 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cf-cache-status
HIT
age
49
content-length
43
cf-request-id
0ae3f8bdb90000c29f74a61000000001
last-modified
Wed, 19 May 2021 11:32:00 GMT
server
cloudflare
etag
"60a4f730-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
664cf70f8ce9c29f-FRA
expires
Fri, 25 Jun 2021 08:53:33 GMT
like.php
www.facebook.com/v2.9/plugins/ Frame 3337 		36 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e69a3bfa41382501c8f8c7f38ce4861d
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e534f1f3ddd829a2d516e363e2c5e067ecbdf2c51c7d5ff539c732e7f17fd04
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v3.3
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
mFuwocGZ24Wuz+Oeq7pr6occrz7PDZGVi40rD09Up8kN2AB2L5Oue6SOeUVxF4EtCnU7J7RIhni1pBI44BH0jw==
date
Fri, 25 Jun 2021 08:53:22 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
integrator.js
adservice.google.de/adsid/ Frame 3D06 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3D06 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=1883516380353685&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611202&dt=1624611202562&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=299&adys=2171&adks=3907713653&ucis=74a4elj33q5l&ifi=1&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a733195e748a38d2a22d4f029bb94fa50f7db45c002086a4dd94d1826f6c52d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12080
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1129 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 25 Jun 2021 08:53:22 GMT
expires
Sat, 25 Jun 2022 08:53:22 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=3048920058714747&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611202&dt=1624611202574&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2513669353&ucis=hidgtyb1jeug&ifi=2&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=384&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
08674e3ab08fb18e1ecd514aa288e4d1b8eb5be5a5b730f80a4416e10a39c435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4098
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3D06 		138 B
973 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
646577f93fe7d6aff532a3f65d5faaa06cbf7f09db9e0a2cfc42810192c8aaa5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f3228ead-885e-45fd-b008-339d95034df3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 3D06 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 08:53:22 GMT
arj
tencentth-d.openx.net/w/1.0/ Frame 3D06 		171 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f9d8ead1-a5ff-4007-b405-fcd479cf460d&nocache=1624611202586&id5id=0&ttduuid=b50b0e03-a618-46c2-8179-2f76f1e7dc04&aus=300x250%2C320x50%2C257x240%2C300x125&divIds=rgpt-reca-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
e3be9c6cac1579965c220c3f3f1f61af46d3a82f21b4b8ac2f4177d9521349ec

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
rtb-eu.andbeyond.media/ Frame 3D06 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
as.innity.com/synd/ Frame 3D06 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611202589&ver=2&hb=1&output=js&pub=413&zone=64696&url=http%253A%252F%252F60d5997ba3e55.agencecw.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=19b56d13004f3bc&auction=1b9472b5-d5b5-490a-af05-0df90982bc52
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
68a9a41cbc2a7d7d4402729f27ef4a82c377970ffe655ec6d5988212f0dc08b1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 08:53:24 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
843
Expires
Sat, 03 Sep 1983 02:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 3D06 		25 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222260584aea11d4b%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223e01214017467c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2224a8183850a44d4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222588c28581911bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2226d149b1e32638f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0768282e8e3d05d741cd2c30884aaab1d7adbdb75dc1ac497e39c0f47b9cf91e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[212.102.36.146], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 08:53:22 GMT
events
bidder.criteo.com/csm/ Frame 3D06 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 3D06 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 20 Jun 2022 08:53:22 GMT
pixel.gif
static.criteo.net/images/ Frame 3D06 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 20 Jun 2022 08:53:22 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 3D06 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8819ffbe1cf584b175df08977884d43fb260513cc4b9d715e5274648303966c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
78ff6ed2-ab49-4998-98cc-087101b65d44
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ Frame 3D06 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 08:53:22 GMT
hb
rtb-eu.andbeyond.media/ Frame 3D06 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
cygnus
htlb.casalemedia.com/ Frame 3D06 		25 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2235d7b23325ebc0c%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236d492194c1f648%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2237fafa89f3b5447%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2238fddd2ba76b582%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%223958fef4bfb2aa8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22406fa34d9501801%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22240x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdab02d314f91a4c6d536bad740de38135ade87116942b22600c8ddaa0b8a4e5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[212.102.36.146], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 08:53:22 GMT
/
as.innity.com/synd/ Frame 3D06 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611202607&ver=2&hb=1&output=js&pub=413&zone=64717&url=http%253A%252F%252F60d5997ba3e55.agencecw.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=42303b7753e69f3&auction=2a20e083-43b9-49db-898e-f2f37a487593
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
258f14852296bcb0d2a756302b8825f5edd0734c20f297c2acfa6cd2739fcbc7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 08:53:23 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
844
Expires
Sat, 03 Sep 1983 02:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/ Frame 3D06 		172 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=27c32b27-8970-46d8-81ae-b8a55a2b07e6&nocache=1624611202608&id5id=0&ttduuid=b50b0e03-a618-46c2-8179-2f76f1e7dc04&aus=300x250%2C300x600%2C160x600%2C120x600%2C240x400&divIds=rgpt-tower-5&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
013e77207d2571e6b069d9a03161bb56fca5020005c79550b18bf2a774b0e3ac

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
bidder.criteo.com/csm/ Frame 3D06 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
hb
rtb-eu.andbeyond.media/ Frame 3D06 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136924&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
as.innity.com/synd/ Frame 3D06 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611202614&ver=2&hb=1&output=js&pub=413&zone=64738&url=http%253A%252F%252F60d5997ba3e55.agencecw.com%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=489c99e317a006&auction=57910df6-7777-4f1e-bf2e-568174c1004e
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
b5f59198c0abcdb520acd946c16d9d9b30e4377aca3ee8f0221c9bc6a24acda2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 08:53:23 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
844
Expires
Sat, 03 Sep 1983 02:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 3D06 		25 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575408&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2249db1902997bdd4%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22508f13919126a7d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2251a6807de515899%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac63f14fa9230ad1d01c6c091dc8eeb2a24aa9b9ee072309852bfe3a6b6e3cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[212.102.36.146], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 08:53:22 GMT
arj
tencentth-d.openx.net/w/1.0/ Frame 3D06 		172 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c8cd4af2-52ff-4b6e-8c21-13a6cdcab8cf&nocache=1624611202615&id5id=0&ttduuid=b50b0e03-a618-46c2-8179-2f76f1e7dc04&aus=728x90%2C468x60&divIds=rgpt-leaderboard-3&auid=542511416
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
3c8c7fe30a9b9b5288a2a709cde16beab2d8605e02bec09f7485522ad1750dbe

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 3D06 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
37053151da3dfc04429ee24ab26a202d842a15abb2d7dd77794bd06056cadd47
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
25e36555-6311-476b-9845-8e1ccf0d3c6f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 3D06 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 08:53:22 GMT
events
bidder.criteo.com/csm/ Frame 3D06 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 3D06 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ Frame 3D06 		172 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a9f547ed-5f2b-4f9d-8b36-ffac90701fec&nocache=1624611202624&id5id=0&ttduuid=b50b0e03-a618-46c2-8179-2f76f1e7dc04&aus=1130x250%2C1090x250%2C970x250&divIds=rgpt-billboard-7&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
804ae012952ae47354f04919ff16ce5306964a7bddef9ec34fe104bf463a45bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 3D06 		25 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22642c91b195fbfe8%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d5997ba3e55.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226582b6e7dc8f498%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2266e5c31897c833d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%226707ec60c133581%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
53363ace03e05a4adfa183a1ee96c972a73111a8e699cd68f65a112d4b75a67f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[212.102.36.146], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 08:53:22 GMT
hb
rtb-eu.andbeyond.media/ Frame 3D06 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
prebid
ib.adnxs.com/ut/v3/ Frame 3D06 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fc61ab236001bf8b92cf09896b05d7c438076184f15f3706e2ddebecf946850d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
81aeb109-4039-422c-aab6-53dac0171d56
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
as.innity.com/synd/ Frame 3D06 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611202628&ver=2&hb=1&output=js&pub=413&zone=68097&url=http%253A%252F%252F60d5997ba3e55.agencecw.com%252F&width=1130&height=250&vpw=1600&vph=1200&callback=json&callback_uid=73358565aa36193&auction=f86df4f6-221f-48b4-9a5c-dca8ca5c09d9
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
83ba35f34af6de73ab628c44df7738555bda8b6913f392619851052b8432bcd3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 08:53:23 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
810
Expires
Sat, 03 Sep 1983 02:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 3D06 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 08:53:22 GMT
events
bidder.criteo.com/csm/ Frame 3D06 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 08:53:21 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		378 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=1438811108898425&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611202&dt=1624611202633&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1200&adys=1400&adks=1367402687&ucis=tnxk6unfjwa8&ifi=3&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=400x-1&msz=400x-1&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=768&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
22a9f0f6e04b188b31067032d3737c479fe59165d3ec692aaef364a040d910d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2134 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76598
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3989 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76598
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 296F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76598
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 08:53:22 GMT
vary
Accept-Encoding
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 3337 		400 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
x-fb-debug
eA1V1rkaGyOaHvtHwObCBxVeQE5AKr6FK3EecdVrnaveHii+qpnjGb2OKSIZ+1jaHdmFg56ROnvYfnraycu1Jw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Jun 2022 06:48:15 GMT
fg6D1xdVKKo.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame 3337 		510 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/fg6D1xdVKKo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c91f2120eec92dac8f5b68e488ce4ba750c005018966b6e21b347bcdb9a9757
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PlBorUMz+uUCFz+Lh+QB2Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
136837
x-fb-rlafr
0
x-fb-debug
Cra9a1subFhPpR6ayRfdjJk1mWqJpW+HC1tPiNsAWyuCg9VCUk2zJrcflDHCPT+hjsYN2ay6zSNtSduO5GiYHg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Jun 2022 23:20:55 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2134 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83415843&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
082dba94d91d1d56ee0b33a679a2085c36a3445f10286c22e0c82cccf4a7639b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cavalry_endpoint.php
www.facebook.com/common/ Frame 3337 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624611202654&t_start=1624611202654&t_domcontent=1624611202661&t_layout=1624611202721&t_onload=1624611202721&t_paint=1624611202721&t_creport=1624611202721&t_tti=1624611202661&lid=6977651982688239310-0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df30b66c076adf58%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff32f5c47315a2a%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
gYBsXr77aCJzloql50zhKvivxR7pC2tBi3A+TVh+Zk0HQfX6Mb9czMN6ESP2xAdGwR6Y5sE2kaslBqKZR1v81w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Jun 2021 08:53:22 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8nHTLT-AG_nyYM608MPbjo4cgK-Qez9IqbIiQUi-IHR1sg8p0dtki_pXT2xIA7FQK7xMTRxAGVMDQ0n8r0969QLPgKTiw2LwdR2CJ5ARQG9-sRe9gA5hDaSK67x9tYgPa37j409mPTnDYtItk5m602dZ0BpF8tD5RAJcuT5haRGx-gFU0uIR2f9dmgyV13Sg3xsX5XS9r9AWKWLcVW-8JuwjthaHcjiuht5ZH9tkCfoPcIo384vU49yS4fADYR9i3MDsAos4ToTvLym5H6Wz5vY-lMHafXOGW_Zbdg4-VOc5GKYUytARjDWZW2lLMbsIyhyyWh53_0GYeZBHpgAfYGsC6&sig=Cg0ArKJSzHU75k2IybhuEAE&urlfix=1&adurl=
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C681 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
45cbafae8ba3e0b10ba3e687de358b9aeae48fc5370d2c3918b875bc7e0a737f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"912 / 672 of 1000 / last-modified: 1624572544"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23741
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C681 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:22 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3D06 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:22 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 954A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6797045229695336287
accept-ranges
bytes
content-length
2483
pubads_impl_2021062205.js
securepubads.g.doubleclick.net/gpt/ Frame C681 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:13:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116215
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:22 GMT
match
c1.adform.net/serving/cookie/ Frame 018A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3183969820326808279; expires=Tue, 24 Aug 2021 08:53:23 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 08:53:23 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 25 Jul 2021 08:53:23 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2EA5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; chkChromeAb67Sec=1; DPSync3=1625788800%3A201_197_219%7C1624665600%3A174; SyncRTB3=1625875200%3A35%7C1627171200%3A203%7C1625184000%3A2_223_15%7C1625443200%3A63%7C1625788800%3A56_3_21_13_22_166_81_234_161_7_71_220_54_8; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PugT=1624611201; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-6957878956210444843; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:23 GMT; path=/ PugT=1624611203; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:23 GMT; path=/
x-lat
lhrpug011:0:576
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6957878956210444843
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame A409 		43 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 25 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
893
x-powered-by
ASP.NET
date
Fri, 25 Jun 2021 08:53:22 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 76CD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; chkChromeAb67Sec=1; DPSync3=1625788800%3A201_197_219%7C1624665600%3A174; SyncRTB3=1625875200%3A35%7C1627171200%3A203%7C1625184000%3A2_223_15%7C1625443200%3A63%7C1625788800%3A56_3_21_13_22_166_81_234_161_7_71_220_54_8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:21 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6977651985600608396; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:21 GMT; path=/ PugT=1624611201; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:21 GMT; path=/
x-lat
amspug006:0:610
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:23 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6977651985600608396; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977651985600608396
adx
match.prod.bidr.io/cookie-sync/ Frame FC42
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESTJrN0Jxek1BQURYWDhTUDNHQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.183.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-183-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AADI2k7BqzMAADXX8SP3GA; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 25 Jun 2021 08:53:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 25 Jun 2021 08:53:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame A51C
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; chkChromeAb67Sec=1; DPSync3=1625788800%3A201_197_219%7C1624665600%3A174; SyncRTB3=1625875200%3A35%7C1627171200%3A203%7C1625184000%3A2_223_15%7C1625443200%3A63%7C1625788800%3A56_3_21_13_22_166_81_234_161_7_71_220_54_8; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396; KRTBCOOKIE_391=22924-8448165717988194763&KRTB&23263-8448165717988194763; KRTBCOOKIE_153=19420-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H&KRTB&22979-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H; KRTBCOOKIE_336=5844-6957878956210444843; KRTBCOOKIE_57=22776-1365133449731120450; KRTBCOOKIE_218=22978-YNWZgwAB5PXnMQBg&KRTB&23194-YNWZgwAB5PXnMQBg&KRTB&23209-YNWZgwAB5PXnMQBg&KRTB&23244-YNWZgwAB5PXnMQBg; PugT=1624611202; KRTBCOOKIE_466=16530-c7f05d68-bbd4-4fac-bea0-6336ec866104; KRTBCOOKIE_22=14911-7834068029299504277; KRTBCOOKIE_27=16735-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&16736-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23019-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23114-uid:898060d5-9983-4500-9be7-780fed79589f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:22 GMT
content-type
text/html; charset=utf-8
x-lat
amspug019:2:242
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=627691ba-d727-4486-bf48-6dc65e53254f; path=/; domain=csync.loopme.me; Expires=Sun, 25-Jul-2021 08:53:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Fri, 25 Jun 2021 08:53:24 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2134
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iqk4Qp9bRrK0PaNMFOkFXQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:26 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71792
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 26 Jun 2021 04:49:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=240f60d5-9983-4500-926e-5213c740597c
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=240f60d5-9983-4500-926e-5213c740597c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=240f60d5-9983-4500-926e-5213c740597c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
/
pixel.onaudience.com/ Frame 2134
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8AA93842-9F5B-46B2-B43D-A34C14E9055D
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=381594da0a9b19407621022a245453fb
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c601e152224366bf4b9b6d714f9b2890
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c601e152224366bf4b9b6d714f9b2890
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3174889.ip-51-210-112.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Fri, 25 Jun 2021 08:53:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c601e152224366bf4b9b6d714f9b2890
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFBOTM4NDItOUY1Qi00NkIyLUI0M0QtQTM0QzE0RTkwNTVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:398
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJXQ-RaOoA5zUGhkMgIhdlo&google_cver=1
42 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJXQ-RaOoA5zUGhkMgIhdlo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:501
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJXQ-RaOoA5zUGhkMgIhdlo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2134 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 24 Jun 2021 08:53:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8448165717988194763
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8448165717988194763
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8448165717988194763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:898060d5-9983-4500-9be7-780fed79589f&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:898060d5-9983-4500-9be7-780fed79589f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:444
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:898060d5-9983-4500-9be7-780fed79589f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b50b0e03-a618-46c2-8179-2f76f1e7dc04
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b50b0e03-a618-46c2-8179-2f76f1e7dc04
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:21 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b50b0e03-a618-46c2-8179-2f76f1e7dc04
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1365133449731120450&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1365133449731120450&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:432
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:22 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8453fcb8-d044-4842-b909-93d102fc763e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1365133449731120450&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8AA93842-9F5B-46B2-B43D-A34C14E9055D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2134 		43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8AA93842-9F5B-46B2-B43D-A34C14E9055D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sF.tRX1E2uUNp04pQwg27dp9mOlJ2tg-~A&gdpr=0&gdpr_consent=
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sF.tRX1E2uUNp04pQwg27dp9mOlJ2tg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Fri, 25 Jun 2021 08:53:22 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 25 Jun 2021 08:53:23 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sF.tRX1E2uUNp04pQwg27dp9mOlJ2tg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H
42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:721
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWZgwAB5PXnMQBg&gdpr=0&gdpr_consent=&_test=YNWZgwAB5PXnMQBg
1 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWZgwAB5PXnMQBg&gdpr=0&gdpr_consent=&_test=YNWZgwAB5PXnMQBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:413
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624611204.635925,VS0,VE0
x-served-by
cache-hhn4030-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWZgwAB5PXnMQBg&gdpr=0&gdpr_consent=&_test=YNWZgwAB5PXnMQBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6e991faf-94c6-4eaa-ab2c-f6e95c51c3b5&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7f05d68-bbd4-4fac-bea0-6336ec866104&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7f05d68-bbd4-4fac-bea0-6336ec866104&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:390
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c7f05d68-bbd4-4fac-bea0-6336ec866104&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7834068029299504277&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7834068029299504277&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:22 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:446
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7834068029299504277&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 2134
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fbe0540-caaa-40be-a04f-e186d27209a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fbe0540-caaa-40be-a04f-e186d27209a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5fbe0540-caaa-40be-a04f-e186d27209a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 2134 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
integrator.js
adservice.google.co.uk/adsid/ Frame C681 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C681 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C681 		418 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1201166739004975&correlator=4230325886531328&output=ldjh&impl=fif&eid=44742767%2C31061661&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611203&dt=1624611203031&dlt=1624611202737&idt=285&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=bogoac1vunjx&ifi=1&ifk=24158578&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1248489682.1624611203&ga_sid=1624611203&ga_hid=1626824153&ga_fc=false&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
36f01fb32ce23161680e1cf2b284e41ba149de9d9374ca5b9e6a4c1e962dce53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22640
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 25 Jun 2021 08:53:23 GMT
expires
Sat, 25 Jun 2022 08:53:23 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWK8KxqLPSK5h603AXi2ucmKE9FCgbCmwNdfWI1cIAXBF6eyikmGlhwV6e9qQCfuhZ1MDHjdtOSLcCRymj5xBqdDmNcNlh9Dbh5LxkhJRoQBawEZf9Tb5XoxUy2uWmu5-vYQGnnkj4ou_Gs-zfKVRE0Kxv65CkqWWxjApIyYIjpWQbEDQkNd_0KF5jElRdaqMX2kG6m9rKw1wV87Ag1CiHUwt1cfkMCUtK1vMAL_WD4MSOm2oAV_5gH1pQdLrL4HwwCEi23pOye4ddTNozI2ULpcchwHO2H_fRo-tZ4UhfVvx-LEKUivEL_J7M3i_1Ql-UqYifSrHOWXhmGuA9vbvREVsXgdk&sig=Cg0ArKJSzMIiwiX8ZtAeEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Jun 2021 08:53:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 792D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoYKqdqfCz9ckuzG2SODF95WB5pvVojK5ziwThcDTE7C6yEBmuEgPMJBScTqeva8dVQWgdr-ZoZc8uHUmcEfGqKN4WDt1ah_iRullFYn8uuB6DDgKL0jeIy8jaE7M6b131F-c4ze-4BU2zDxK5raPvMSaP3sLnn_Hyy9P-WAfN8crEwC49jcex7izqgSW3lyO-fwVKb-xoyjQS224t3tcOya2vWm0ACHxHw1RitcBDoPiRz-eHkIOLnl9sqSGGDKmvpO5Vi4gBM85APoKcz6gGadv7ohcxaDf1DHDQOu0DphLoDXL3h_LH7xgH&sig=Cg0ArKJSzJ2MPAXvLRUMEAE&urlfix=1&adurl=
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 792D 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 08:21:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 792D 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:23 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame C681 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C681 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062205&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a69e55ed1d1b61a39dc9d50bd012fcee5a769d67e9fd9839cff10f5a6b21322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8509
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 792D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOvpXdixdnbXBIwEpqcOhh03xaxdtkzFIgR_NY01u4iDADTOSDxYskJquq243WYdQsbEnN1zbfkOAjV3Ezvf52lzekZgksbwDwUCasWDHH0W3y0HTLUe71ZeAf0mGp4PISx60-PSbrHT1HeowpPZQVTVw2AV2cMfpkcGlZdnLemcr9RL4mrpYJdJKFagIydn11wQ_fLYXkxACEo5McZkUTsFCGSMm04Xtrw1iVlqCrCPtYnYedQ9eLBJSm-5toO6SPhLwCqfP3TY4xaVe_60sA6F-WZuO7SK-XLIJJMaCNx3Zg6AX-l8hL2xuZZFg&sig=Cg0ArKJSzDcSdKe8yn4VEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Jun 2021 08:53:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C681 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:23 GMT
eed2d549-0466-4683-88d2-4e7caea86457
https://www.sanook.com/ Frame 3D06 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/eed2d549-0466-4683-88d2-4e7caea86457
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5D65 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 25 Jun 2021 08:27:10 GMT
expires
Sat, 25 Jun 2022 08:27:10 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1E77 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29923abfacb3e1e34a0a7c29d4b26f120709aeb6aa0fb4a4f099f16dc5bdd8aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-geuPe+tKjQRLjHHdQgWRmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Fri, 25 Jun 2021 08:53:23 GMT
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-geuPe+tKjQRLjHHdQgWRmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XJNuD862gf4f0nvPPAbjPwJNpey2j9-BZmGDGqAPjUA.js
pagead2.googlesyndication.com/bg/ Frame 5D65 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XJNuD862gf4f0nvPPAbjPwJNpey2j9-BZmGDGqAPjUA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c936e0fceb681fe1fd27bcf3c06e33f024da5ecb68fdf816661831aa00f8d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 06:16:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5736
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jun 2022 06:16:11 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012106141722000/ Frame 68FD 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
113504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55217
x-xss-protection
0
server
sffe
date
Thu, 24 Jun 2021 01:21:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6e85c2cf35b93d5b"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 01:21:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 68FD 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
172216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4808
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 09:03:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"20d5993134a00e72"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:03:07 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 68FD 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
172216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27288
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 09:03:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0e18b5d4ac760a2b"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:03:07 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 68FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
172216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1299
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 09:03:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"da415af7878c9ead"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:03:07 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 68FD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012106141722000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
169939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12849
x-xss-protection
0
server
sffe
date
Wed, 23 Jun 2021 09:41:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b6ce0de783bcb6f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 09:41:04 GMT
css
fonts.googleapis.com/ Frame 68FD 		6 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 07:42:54 GMT
server
ESF
date
Fri, 25 Jun 2021 08:53:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Jun 2021 08:53:23 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13857716592298440393/ Frame 68FD 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13857716592298440393/2076313506083323656
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed45ebbc8da67e9d806ac2cf5e4dbf7eb1d2f262d564a04c8ed6469990a460c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 08:22:32 GMT
x-content-type-options
nosniff
age
174651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28295
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 06:23:00 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 08:22:32 GMT
truncated
/ Frame 68FD 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 68FD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63e8047c63028068730c27ccc69363828daeba37ef2852ed7d62aae258cd24b4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 68FD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 17:22:16 GMT
x-content-type-options
nosniff
server
cafe
age
55867
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Fri, 25 Jun 2021 17:22:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 68FD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 07:19:06 GMT
x-content-type-options
nosniff
server
cafe
age
5657
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 26 Jun 2021 07:19:06 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 68FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQhy2gpnVYKzNKoGcrAT6lLPAB56K4rdjnLDwzpAOv-EeEAEgr9HbH2C7BqABh4O_9wPIAQngAgCoAwHIAwqqBIMCT9CtxDk79xx2eUqSi-Ws7aRNij0LMTKQSnlVYDKA_7N3CS0ua4pFA637n3uqBJ2C3I39HJN1ppnKa8W0ZfgdBUMkPyIKvdVVYX3mKLYm0aZDs1oDULiVTvZIiPXTfKYlJjkoOZwnwzHOsYNlTzf2my7ZKk0P3KpSrmDst2Z7v1gokRzpAhmYDNzYv4p2z3xl-0LcttMFDbRhe9aSp47Gw6ZOpFm_LMvmVd40OgSA4yURzlLWrGZX7v0sBpuGv9V8SKAgO1ja13cIkIQ7QQqTE9ngLDDwQoLiwxFhl-YBOZrK1tZ9H4j5J8jyjt7-QwO7ItPWBBvDifG9k2CgHeDEdLV_zMAEzKOe9s8D4AQBkgUECAQYAZIFBAgFGASgBi6AB-T0l4kBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELneDNIICQiA4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi02MTY3MjM4NzEyNzI5MDMy&sigh=bJMA8mrLeHE&template_id=484
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 68FD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 02:11:10 GMT
x-content-type-options
nosniff
age
110533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 02:11:10 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 68FD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 16:47:53 GMT
x-content-type-options
nosniff
age
230730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 16:47:53 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 68FD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 17:22:16 GMT
x-content-type-options
nosniff
server
cafe
age
55867
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Fri, 25 Jun 2021 17:22:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 68FD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 07:19:06 GMT
x-content-type-options
nosniff
server
cafe
age
5657
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 26 Jun 2021 07:19:06 GMT
integrator.js
adservice.google.de/adsid/ Frame 3D06 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3D06 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		367 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=21214390536424&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C320x50%7C257x240%7C300x125&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611203&dt=1624611203566&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1045&adys=815&adks=3064416212&ucis=2ttcsp5b51oy&ifi=4&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&psts=AGkb-H-7yT5hWNihwlswu2d0hOE5t1EKwWaOLZY-wMkqVEUFN8tYdDPLJppY0HNlzLf48ehiM5bBwx8NR2NdmfwPL2ULxmitg68kil5mS1JBkk_z2Kmlqz-wtPk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
21343604052d4a69c3888921f27a8c03d75bfb7f88482f0723b95402186840c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B564 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1365133449731120450; icu=ChgIvrdKEAoYASABKAEwgrPWhgY4AUABSAEQgrPWhgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 25 Jun 2021 08:53:23 GMT
Age
15600
X-Served-By
cache-lga21982-LGA, cache-fra19138-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 143793
X-Timer
S1624611204.759843,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A68C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 08:53:23 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 198C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1365133449731120450; icu=ChgIvrdKEAoYASABKAEwgrPWhgY4AUABSAEQgrPWhgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 25 Jun 2021 08:53:24 GMT
Age
15600
X-Served-By
cache-lga21982-LGA, cache-fra19156-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 146902
X-Timer
S1624611204.461411,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame BF7F 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
15a72a9e58687b6f90025061346ea23e50c3e7e5ba99e82119e5eb0ce81c5911

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202; Version=1; Expires=Sat, 25-Jun-2022 08:53:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611203|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 08:53:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 220B 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
15a72a9e58687b6f90025061346ea23e50c3e7e5ba99e82119e5eb0ce81c5911

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202; Version=1; Expires=Sat, 25-Jun-2022 08:53:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611203|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 08:53:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 5856 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame CA94 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
15a72a9e58687b6f90025061346ea23e50c3e7e5ba99e82119e5eb0ce81c5911

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202; Version=1; Expires=Sat, 25-Jun-2022 08:53:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611203|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 08:53:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame A7F9 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
15a72a9e58687b6f90025061346ea23e50c3e7e5ba99e82119e5eb0ce81c5911

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=0e23b166-3a80-0887-249c-063e86a7735e|1624611202; Version=1; Expires=Sat, 25-Jun-2022 08:53:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611203|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 08:53:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 179B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame FFC2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1365133449731120450; icu=ChgIvrdKEAoYASABKAEwgrPWhgY4AUABSAEQgrPWhgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 25 Jun 2021 08:53:23 GMT
Age
15600
X-Served-By
cache-lga21982-LGA, cache-fra19137-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 144379
X-Timer
S1624611204.741611,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F57C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1365133449731120450; icu=ChgIvrdKEAoYASABKAEwgrPWhgY4AUABSAEQgrPWhgYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Wed, 23 Jun 2021 04:33:19 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 25 Jun 2021 08:53:24 GMT
Age
15600
X-Served-By
cache-lga21982-LGA, cache-fra19156-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 146904
X-Timer
S1624611205.542832,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 61EB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
integrator.js
adservice.google.com/adsid/ Frame 3D06 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		373 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=1939832988497078&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611203&dt=1624611203607&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=255&adys=1300&adks=3181699296&ucis=wwq8e2sid6dl&ifi=5&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&psts=AGkb-H-7yT5hWNihwlswu2d0hOE5t1EKwWaOLZY-wMkqVEUFN8tYdDPLJppY0HNlzLf48ehiM5bBwx8NR2NdmfwPL2ULxmitg68kil5mS1JBkk_z2Kmlqz-wtPk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
177322a3ab92d483a5d87d30a5ab810840d59f2933c22a4f47e381f00c93238a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		368 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=3306829222476955&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611203&dt=1624611203615&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1045&adys=2270&adks=3943158814&ucis=sj67a04wymhl&ifi=6&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&psts=AGkb-H-7yT5hWNihwlswu2d0hOE5t1EKwWaOLZY-wMkqVEUFN8tYdDPLJppY0HNlzLf48ehiM5bBwx8NR2NdmfwPL2ULxmitg68kil5mS1JBkk_z2Kmlqz-wtPk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f63aa297624d8ddcea074ab9ebb96a9e0157cec10aad7c8c89efd9fb37430f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
155
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3D06 		372 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1525235224083617&correlator=3870973325683613&output=ldjh&impl=fif&eid=31060979%2C31061662&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611203&dt=1624611203627&dlt=1624611198944&idt=1496&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=255&adys=75&adks=4183536285&ucis=4aggahfcij3c&ifi=7&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&top=http%3A%2F%2F60d5997ba3e55.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=1090x-1&msz=1090x-1&psts=AGkb-H-7yT5hWNihwlswu2d0hOE5t1EKwWaOLZY-wMkqVEUFN8tYdDPLJppY0HNlzLf48ehiM5bBwx8NR2NdmfwPL2ULxmitg68kil5mS1JBkk_z2Kmlqz-wtPk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1908966533.1624611200&ga_sid=1624611203&ga_hid=772203542&ga_fc=false&fws=260&ohw=1090
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8f0317607736874c20fe0a105a9dfd25e53409997eab28b3db331f87001392cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1NC84MjczNTM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoNDguanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ Frame 3D06 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1NC84MjczNTM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoNDguanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac1716468e92e7f66d6720acf96132e7ff1f1d5d45517a1ff4527e96ee3186bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 23:06:59 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1422830494246075104
accept-ranges
bytes
content-length
18845
expires
Tue, 20 Jul 2021 23:06:59 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1Ni84MjgyNjAyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ Frame 3D06 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1Ni84MjgyNjAyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
653a4e12d09d03b72922721183af52159f5942cdafdcfb10998a9b155943a203

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 23:06:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10989149811990347779
accept-ranges
bytes
content-length
19736
expires
Tue, 20 Jul 2021 23:06:59 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY2OC84MzQ0MDQyL21vbTguanBn.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 3D06 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY2OC84MzQ0MDQyL21vbTguanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a4148beda0bd8d0202f20db810aa194a5a8b49bdc430a217d3d14ebcbdea2be0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 06:18:42 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6704876904996619216
accept-ranges
bytes
content-length
12979
expires
Sun, 18 Jul 2021 06:18:42 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5MS83OTU4ODE4L3Nhbm9va190aHVtYm5haWxfNzI4eDQzNyg0OSkuanBn.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 3D06 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5MS83OTU4ODE4L3Nhbm9va190aHVtYm5haWxfNzI4eDQzNyg0OSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2036793458cbb7533a464ef19f0232632cac7eaaadb37523c8f181d6b15d100b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 17:37:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10932055227724446801
accept-ranges
bytes
content-length
12075
expires
Tue, 20 Jul 2021 17:37:25 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5Ni83OTgyODEwL2FjY2lkZW50LmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 3D06 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5Ni83OTgyODEwL2FjY2lkZW50LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0701539536ae365a201af6f56d9395dedb157854942c831daaab161c0373aabe

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:05:23 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10867172710981802462
accept-ranges
bytes
content-length
11994
expires
Fri, 23 Jul 2021 10:05:23 GMT
logo-sanook-app02.svg
s.isanook.com/sr/0/images/icon/ Frame 3D06 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/logo-sanook-app02.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 14:18:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 13:11:33 GMT
server
Lego Server
age
0
etag
W/"60d48485-183b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14443532971646416295
accept-ranges
bytes
content-length
6203
expires
Sat, 24 Jul 2021 14:18:51 GMT
ico-ios.svg
s.isanook.com/sr/0/images/icon/ Frame 3D06 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-ios.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:36:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 10:11:18 GMT
server
Lego Server
age
0
etag
W/"60d45a46-b27"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6848020675204256431
accept-ranges
bytes
content-length
2855
expires
Sat, 24 Jul 2021 10:36:33 GMT
ico-android.svg
s.isanook.com/sr/0/images/icon/ Frame 3D06 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-android.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:05:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:58 GMT
server
Lego Server
age
20170
etag
W/"60c9854e-12a2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
1373420522689366479
accept-ranges
bytes
content-length
4770
expires
Fri, 16 Jul 2021 09:05:34 GMT
speech.gif
s.isanook.com/sr/0/images/icon/ Frame 3D06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/speech.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 15:33:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60c9854e-60d"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
12620627958321392148
accept-ranges
bytes
content-length
1549
expires
Fri, 16 Jul 2021 15:33:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C681 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 792D 		0
0
sd
eu-u.openx.net/w/1.0/ Frame BF7F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a36160d5-9983-4500-be69-7a2346643360
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a36160d5-9983-4500-be69-7a2346643360
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a36160d5-9983-4500-be69-7a2346643360
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
sd
us-u.openx.net/w/1.0/ Frame BF7F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BF7F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BF7F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dd8f8e3f-9307-3770-7e4a-ced6e28040a3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BF7F 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjFlMDVkZjUtNWE3MC02OWQ0LTZiYWEtOTQ2ZjI4NjI4ZWMz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BF7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 220B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54c060d5-9983-4100-b8c6-b51672bf7355
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54c060d5-9983-4100-b8c6-b51672bf7355
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54c060d5-9983-4100-b8c6-b51672bf7355
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
sd
us-u.openx.net/w/1.0/ Frame 220B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 220B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 220B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dd8f8e3f-9307-3770-7e4a-ced6e28040a3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 220B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjFlMDVkZjUtNWE3MC02OWQ0LTZiYWEtOTQ2ZjI4NjI4ZWMz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 220B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CA94
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ef5260d5-9984-4a00-8d72-1751966c7da4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ef5260d5-9984-4a00-8d72-1751966c7da4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ef5260d5-9984-4a00-8d72-1751966c7da4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
sd
us-u.openx.net/w/1.0/ Frame CA94
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CA94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame CA94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dd8f8e3f-9307-3770-7e4a-ced6e28040a3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CA94 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjFlMDVkZjUtNWE3MC02OWQ0LTZiYWEtOTQ2ZjI4NjI4ZWMz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CA94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A7F9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=db2f60d5-9984-4a00-a727-2f1dfbcc9504
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3759 5f8f15b master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
sd
us-u.openx.net/w/1.0/ Frame A7F9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=a996vWTWJrtw3SnsO40zvD_cfOtw3ymxPN-dK4zm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A7F9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8448165717988194763
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame A7F9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=dd8f8e3f-9307-3770-7e4a-ced6e28040a3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A7F9 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjFlMDVkZjUtNWE3MC02OWQ0LTZiYWEtOTQ2ZjI4NjI4ZWMz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A7F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcsAfT0h1C_or8HZEN2Ydg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 198C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6655a26c-b119-44d1-b38b-8702abb94d08
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B564 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
23753475-bdea-47c6-8247-184dfe579071
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FFC2 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
402b3fbf-bd8d-4ee2-bd73-023a56d48c48
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F57C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:23 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d0a655a3-9f31-4432-9720-d22e9c103956
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C983 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f2e189a61f0132519a26f1862d947dabe40e809e8e925c3813226fa0fde8c48f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YNWZgmDVmYIB; CMDD=AAjC5AE*; CMID=YNWZgjRrR5X6nAg6iqay9gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|152|8|10|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1557
Expires
Fri, 25 Jun 2021 08:53:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWZgjRrR5X6nAg6iqay9gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMRUM3=9860d5998405a00&f160d5998405a0&0860d5998405a00&0a60d5998427600&0460d5998405a0&2760d599840b40&e660d599842760&2d60d5998405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT CMST=YNWZgmDVmYQB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B1C9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d0f258800227dc65271e0af571cf31f56fe775f26c9aadc0713e3aafc8acb822

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YNWZgmDVmYIB; CMDD=AAjC5AE*; CMID=YNWZgjRrR5X6nAg6iqay9gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|64|8|46|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1746
Expires
Fri, 25 Jun 2021 08:53:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWZgjRrR5X6nAg6iqay9gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMRUM3=0360d5998405a0&2e60d5998405a0&4060d5998405a0&2d60d5998405a0&2760d599840b40&e660d599842760&f160d5998405a0&0860d5998405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMST=YNWZgmDVmYQB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0212 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
07d6b660e6ed760205990b476160f1fa1bc18ad4b569368640809c3b067f843d

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YNWZgmDVmYIB; CMDD=AAjC5AE*; CMID=YNWZgjRrR5X6nAg6iqay9gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|221|111|73|130
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1708
Expires
Fri, 25 Jun 2021 08:53:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWZgjRrR5X6nAg6iqay9gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT CMST=YNWZgmDVmYQB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT CMRUM3=f160d5998405a0&dd60d599842760&2760d599840b40&e660d599842760&2d60d5998405a0&4960d5998405a0&6f60d5998405a0&8260d59984a8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 77D6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
608b41bc7f69d5c35fb97eb4e0b0d7e6957abd4a042077b6595fc564c5b5da0a

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMST=YNWZgmDVmYIB; CMDD=AAjC5AE*; CMID=YNWZgjRrR5X6nAg6iqay9gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|13|5|47|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1790
Expires
Fri, 25 Jun 2021 08:53:24 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWZgjRrR5X6nAg6iqay9gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 08:53:24 GMT CMRUM3=2960d5998405a0&0560d5998405a0&2f60d5998405a0&e660d599842760&2760d599840b40&2d60d5998405a0&0d60d5998405a0&f160d5998405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 08:53:24 GMT CMST=YNWZgmDVmYQB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 08:53:24 GMT
dcm
s.amazon-adsystem.com/ Frame C983
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C983 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNWZgjRrR5X6nAg6iqay9gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3c3f659a-83f5-450f-ab5d-2c15cabac580
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3c3f659a-83f5-450f-ab5d-2c15cabac580
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=3c3f659a-83f5-450f-ab5d-2c15cabac580
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33170d48-556e-4121-bb53-7baf24b74e0f&expiration=1656147205
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33170d48-556e-4121-bb53-7baf24b74e0f&expiration=1656147205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=33170d48-556e-4121-bb53-7baf24b74e0f&expiration=1656147205
date
Fri, 25 Jun 2021 08:53:25 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=588035168856
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=588035168856
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:29 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=588035168856
rum
dsum-sec.casalemedia.com/ Frame C983
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7834068029299504277
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7834068029299504277
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7834068029299504277
pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C983 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWZgjRrR5X6nAg6iqay9gAA%261127
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:25:25 GMT
dcm
s.amazon-adsystem.com/ Frame B1C9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B1C9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNWZgjRrR5X6nAg6iqay9gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627203204
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627203204
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1627203204
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1e8f6c21-df3b-48d1-8371-c938be7a280f&expiration=1656147205
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1e8f6c21-df3b-48d1-8371-c938be7a280f&expiration=1656147205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1e8f6c21-df3b-48d1-8371-c938be7a280f&expiration=1656147205
date
Fri, 25 Jun 2021 08:53:25 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1365133449731120450
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1365133449731120450
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d1e043ff-39d8-489d-85dd-63a73f14fe7c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1365133449731120450
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B1C9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=db2f60d5-9984-4a00-a727-2f1dfbcc9504
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

Date
Fri, 25 Jun 2021 08:52:48 GMT
Server
MT3 3799 851f7e8 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=db2f60d5-9984-4a00-a727-2f1dfbcc9504
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 08:52:47 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B1C9 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWZgjRrR5X6nAg6iqay9gAA%261127
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:25:25 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0212 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNWZgjRrR5X6nAg6iqay9gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 0212
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0212
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0212
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tpid=YNWZgjRrR5X6nAg6iqay9gAA%261127
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 0212 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YNWZgjRrR5X6nAg6iqay9gAA%261127?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.151
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame 0212
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8448165717988194763&expiration=1625820804
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8448165717988194763&expiration=1625820804
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8448165717988194763&expiration=1625820804
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0212 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 0212 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.183.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-183-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0212 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWZgjRrR5X6nAg6iqay9gAA%261127
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:25:25 GMT
dcm
s.amazon-adsystem.com/ Frame 77D6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 77D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWZgjRrR5X6nAg6iqay9gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG_k-Hu_nlUf2c6OcU7a-tA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 77D6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNWZgjRrR5X6nAg6iqay9gAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 77D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWZgjRrR5X6nAg6iqay9gAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:26 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEErleG0-uksrm1JlDzMag54&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 77D6
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0664220405763d2fed18bf55&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0664220405763d2fed18bf55&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:25 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0664220405763d2fed18bf55&expiration=[EXPIRATION]
Date
Fri, 25 Jun 2021 08:53:24 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
ix
ad4m.at/ad/sim/ Frame 77D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 77D6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5&C=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 08:53:28 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ji6jqEFY1LWHAz5&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Fri, 25 Jun 2021 08:53:27 GMT
bridge
cm.adgrx.com/ Frame 77D6 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:26 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-3
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 77D6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWZgjRrR5X6nAg6iqay9gAA%261127
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:24 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1921
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:25:25 GMT
dc-script-v2.min.js
sal.isanook.com/dc/ Frame 3D06 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
25278
date
Fri, 25 Jun 2021 08:53:24 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 11:46:30 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10744
expires
Sun, 25 Jul 2021 08:53:24 GMT
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 3D06 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 2134 		0
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Fri, 25 Jun 2021 08:53:23 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8
async_usersync
ib.adnxs.com/ Frame 198C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a0e73661-0680-4639-8d7b-faa5bf1f64c6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B564 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
411dcca8-f83e-4b1a-afb5-051a503db1ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FFC2 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dd8d2673-a35f-42e3-b806-79805f673732
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F57C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:24 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e436ecdc-cabf-4256-808d-ccfe0c4f919c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
graph.sanook.com/ Frame 3D06 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228357734%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
0c83223465e0ea00d4676d4ef4d6790a988fb858b6306d8d143bc24565e0e2f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
XPURGE
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 25 Jun 2021 08:53:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
BYPASS
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228357734%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,xpurge
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:27 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ Frame 3D06 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:51:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
93636
server
Lego Server
age
24581
etag
W/"PSA-aj-0IhQ85x_cu"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
633348308462321408
accept-ranges
bytes
content-length
33384
expires
Fri, 16 Jul 2021 08:51:13 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3989 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73880682&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d1e7e3564fa14f4f2b60b7500f69ed42e3a74875dadc6ce9eebc210117599af3

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 296F 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42096110&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d1e7e3564fa14f4f2b60b7500f69ed42e3a74875dadc6ce9eebc210117599af3

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:23 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame B0BC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3078780033
  • https://sync.1rx.io/usersync/tradedesk/b50b0e03-a618-46c2-8179-2f76f1e7dc04
  • https://sync.targeting.unrulymedia.com/csync/RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396; KRTBCOOKIE_391=22924-8448165717988194763&KRTB&23263-8448165717988194763; KRTBCOOKIE_153=19420-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H&KRTB&22979-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H; KRTBCOOKIE_336=5844-6957878956210444843; KRTBCOOKIE_57=22776-1365133449731120450; KRTBCOOKIE_218=22978-YNWZgwAB5PXnMQBg&KRTB&23194-YNWZgwAB5PXnMQBg&KRTB&23209-YNWZgwAB5PXnMQBg&KRTB&23244-YNWZgwAB5PXnMQBg; KRTBCOOKIE_466=16530-c7f05d68-bbd4-4fac-bea0-6336ec866104; KRTBCOOKIE_22=14911-7834068029299504277; KRTBCOOKIE_27=16735-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&16736-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23019-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23114-uid:898060d5-9983-4500-9be7-780fed79589f; SPugT=1624611203; chkChromeAb67Sec=2; DPSync3=1625788800%3A221_226_227_201_197_219%7C1627171200%3A232%7C1624665600%3A174; SyncRTB3=1625788800%3A104_54_165_189_231_222_22_166_234_7_88_13_99_233_21_220_8_204_5_56_81_161_55_71_176_78_57_3_230%7C1625184000%3A2_15_67_223%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1629763200%3A69; KRTBCOOKIE_188=3189-no-consent; PugT=1624611205; KRTBCOOKIE_409=22966-NmcksfifkFx7LEDqqz92XCO1; KRTBCOOKIE_1074=22956-e_baff0a61-ae33-491e-a781-4ae151d2e65a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003&KRTB&17107-RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:26 GMT; path=/ PugT=1624611206; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:26 GMT; path=/
x-lat
amspug002:0:409
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 25 Jun 2021 08:53:26 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003%22%7D; path=/; expires=Sat, 25 Jun 2022 08:53:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
etag
RX406f152d24b343e9b195bcf5c228df9a003
dpe
ad4m.at/ad/ Frame 4E24 		42 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8caa100000605d19fe000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf7243a3e0605-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 0BED
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396; KRTBCOOKIE_391=22924-8448165717988194763&KRTB&23263-8448165717988194763; KRTBCOOKIE_153=19420-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H&KRTB&22979-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H; KRTBCOOKIE_336=5844-6957878956210444843; KRTBCOOKIE_57=22776-1365133449731120450; KRTBCOOKIE_218=22978-YNWZgwAB5PXnMQBg&KRTB&23194-YNWZgwAB5PXnMQBg&KRTB&23209-YNWZgwAB5PXnMQBg&KRTB&23244-YNWZgwAB5PXnMQBg; KRTBCOOKIE_466=16530-c7f05d68-bbd4-4fac-bea0-6336ec866104; KRTBCOOKIE_22=14911-7834068029299504277; KRTBCOOKIE_27=16735-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&16736-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23019-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23114-uid:898060d5-9983-4500-9be7-780fed79589f; SPugT=1624611203; chkChromeAb67Sec=2; DPSync3=1625788800%3A221_226_227_201_197_219%7C1627171200%3A232%7C1624665600%3A174; SyncRTB3=1625788800%3A104_54_165_189_231_222_22_166_234_7_88_13_99_233_21_220_8_204_5_56_81_161_55_71_176_78_57_3_230%7C1625184000%3A2_15_67_223%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1629763200%3A69; KRTBCOOKIE_188=3189-no-consent; PugT=1624611205
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-NmcksfifkFx7LEDqqz92XCO1; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:25 GMT; path=/ PugT=1624611205; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:25 GMT; path=/
x-lat
lhrpug014:0:473
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 25 Jun 2021 08:53:25 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=NmcksfifkFx7LEDqqz92XCO1; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame E235 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 25 Jun 2021 08:53:25 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 141F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a6noeUMZaACmpqGpU8IhwZak3bIkYG6sZaGJfYN2r6L
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:26 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=amntmIy4ZawEBA9MAJP7fLKYCvRfvN6aRGrMcFgQc6b3LMZbtFuM8WrDqSsqviyvZbNCIYHak3VMr1Mid4RjgFEhgXN; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:26 GMT; SameSite=None; Secure; ANON_ID_old=amntmIy4ZawEBA9MAJP7fLKYCvRfvN6aRGrMcFgQc6b3LMZbtFuM8WrDqSsqviyvZbNCIYHak3VMr1Mid4RjgFEhgXN; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:26 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8cb6a00002c42e90b4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf7257bc22c42-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
456
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a6noeUMZaACmpqGpU8IhwZak3bIkYG6sZaGJfYN2r6L; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:25 GMT; SameSite=None; Secure; ANON_ID_old=a6noeUMZaACmpqGpU8IhwZak3bIkYG6sZaGJfYN2r6L; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:25 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8cabd00002c42e4360000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf72458c72c42-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame CF44
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PugT=1624611207; PUBMDCID=3; KRTBCOOKIE_107=1471-uid:S5FemGaf1LWHAz5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug019:0:313
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-stage-0
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=jbE1faLP5leE;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 20-Jun-2022 08:53:29 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=6733b70f9d4b4584; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=jbE1faLP5leE&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
141
match.deepintent.com/usersync/ Frame F81B 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 25 Jun 2021 08:53:26 GMT
server
b
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5667
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 varnish
x-served-by
cache-hhn11568-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624611206.188849,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 25-Jun-2022 08:53:25 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 25 Jun 2021 08:53:25 GMT
via
1.1 varnish
x-served-by
cache-fra19181-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1624611206.807721,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 71E7
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1624611207027; TapAd_DID=9485694f-4e28-4dc5-bb06-bb62098e62d4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 25 Jun 2021 08:53:27 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1624611207027;Expires=Tue, 24 Aug 2021 08:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=0d68d42b-1d95-42e7-a90b-f675673c694a;Expires=Tue, 24 Aug 2021 08:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 1792
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
42 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:rgTnlT4o1LWHAz5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/ PugT=1624611207; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug013:0:354
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 25 Jun 2021 08:53:27 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:rgTnlT4o1LWHAz5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=rgTnlT4o1LWHAz5; Domain=.w55c.net; Expires=Mon, 25-Jul-2022 08:53:27 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 25-Jul-2021 08:53:27 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 5817
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PugT=1624611207; PUBMDCID=3; KRTBCOOKIE_107=1471-uid:S5FemGaf1LWHAz5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335--xckd92OTudtJQRyR2RAt9RmJJI; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/ PugT=1624611207; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug017:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 25 Jun 2021 08:53:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-xckd92OTudtJQRyR2RAt9RmJJI
Set-Cookie
sa-user-id=s%3A0-fb172477-dd8e-4ee7-6d25-0472476440b7.9i5TuMgZCauA%2BLx41%2FbehZKB9WADbO2EQpn05i5DpZ0; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-fb172477-dd8e-4ee7-6d25-0472476440b7%24ip%24212.102.36.146.q803MOX4WEu43TE51jwwbc0AIkrOKbvuFFkf%2F71Og4s; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 3960 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:29 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 30A0
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
1 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:29 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:29 GMT; path=/
x-lat
amspug009:0:418
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 08:53:30 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AA63AD1F63554A28B7119A86AEE77099
set-cookie
suid=AA63AD1F63554A28B7119A86AEE77099; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 08:53:30 GMT; SameSite=none; Secure; suid_legacy=AA63AD1F63554A28B7119A86AEE77099; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 08:53:30 GMT; Secure;
expires
Thu, 24 Jun 2021 08:53:30 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Artemis
aud.pubmatic.com/AdServer/ Frame 3989
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
7 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:29 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 25 Jun 2021 08:53:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 3989
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:25 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:25 GMT
frontend-id
3
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3989 		95 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
664cf7243bd04ec2-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0ae3f8caa100004ec27bb4b000000001
/
loadm.exelator.com/load/ Frame 3989
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 25 Jun 2021 08:53:26 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3989
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:1019
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:25 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3989
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8575637080926618165
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8575637080926618165
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:209
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:29 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2be6e78c-6d5f-4c52-8444-40fff2bd0480
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8575637080926618165
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3989
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_baff0a61-ae33-491e-a781-4ae151d2e65a
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_baff0a61-ae33-491e-a781-4ae151d2e65a
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:2846
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_baff0a61-ae33-491e-a781-4ae151d2e65a
date
Fri, 25 Jun 2021 08:53:25 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 3989
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd7314e-d592-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
1 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd7314e-d592-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:364
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd7314e-d592-11eb-9754-ed51a704cc59&gdpr=0&gdpr_consent=
Date
Fri, 25 Jun 2021 08:53:29 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
cfd7314f-d592-11eb-9754-ed51a704cc59
Artemis
aud.pubmatic.com/AdServer/ Frame 296F
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
7 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:29 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 25 Jun 2021 08:53:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 296F
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:25 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:25 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8AA93842-9F5B-46B2-B43D-A34C14E9055D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 296F 		95 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8AA93842-9F5B-46B2-B43D-A34C14E9055D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
664cf7243beb4ec2-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0ae3f8caa500004ec2e492a000000001
/
loadm.exelator.com/load/ Frame 296F
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 25 Jun 2021 08:53:26 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=8AA93842-9F5B-46B2-B43D-A34C14E9055D&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 296F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:609
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2398
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7769377880
  • https://sync.1rx.io/usersync/tradedesk/b50b0e03-a618-46c2-8179-2f76f1e7dc04
  • https://sync.targeting.unrulymedia.com/csync/RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396; KRTBCOOKIE_391=22924-8448165717988194763&KRTB&23263-8448165717988194763; KRTBCOOKIE_153=19420-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H&KRTB&22979-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H; KRTBCOOKIE_336=5844-6957878956210444843; KRTBCOOKIE_57=22776-1365133449731120450; KRTBCOOKIE_218=22978-YNWZgwAB5PXnMQBg&KRTB&23194-YNWZgwAB5PXnMQBg&KRTB&23209-YNWZgwAB5PXnMQBg&KRTB&23244-YNWZgwAB5PXnMQBg; KRTBCOOKIE_466=16530-c7f05d68-bbd4-4fac-bea0-6336ec866104; KRTBCOOKIE_22=14911-7834068029299504277; KRTBCOOKIE_27=16735-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&16736-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23019-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23114-uid:898060d5-9983-4500-9be7-780fed79589f; SPugT=1624611203; chkChromeAb67Sec=2; DPSync3=1625788800%3A221_226_227_201_197_219%7C1627171200%3A232%7C1624665600%3A174; SyncRTB3=1625788800%3A104_54_165_189_231_222_22_166_234_7_88_13_99_233_21_220_8_204_5_56_81_161_55_71_176_78_57_3_230%7C1625184000%3A2_15_67_223%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1629763200%3A69; KRTBCOOKIE_188=3189-no-consent; PugT=1624611205; KRTBCOOKIE_409=22966-NmcksfifkFx7LEDqqz92XCO1; KRTBCOOKIE_1074=22956-e_baff0a61-ae33-491e-a781-4ae151d2e65a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:24 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003&KRTB&17107-RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:24 GMT; path=/ PugT=1624611204; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:24 GMT; path=/
x-lat
amspug003:0:421
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 25 Jun 2021 08:53:26 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003%22%7D; path=/; expires=Sat, 25 Jun 2022 08:53:26 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-406f152d-24b3-43e9-b195-bcf5c228df9a-003
etag
RX406f152d24b343e9b195bcf5c228df9a003
dpe
ad4m.at/ad/ Frame 8EED 		42 B
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8caa800000605f785e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf7243a700605-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 4625
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8AA93842-9F5B-46B2-B43D-A34C14E9055D; KRTBCOOKIE_377=6810-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&22918-b50b0e03-a618-46c2-8179-2f76f1e7dc04&KRTB&23031-b50b0e03-a618-46c2-8179-2f76f1e7dc04; PUBMDCID=3; KRTBCOOKIE_1101=23040-6977651985600608396; KRTBCOOKIE_391=22924-8448165717988194763&KRTB&23263-8448165717988194763; KRTBCOOKIE_153=19420-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H&KRTB&22979-4zUfl-w8Q5H4N0zGs2dWlrc2GcH4NUybtDUNLJ5H; KRTBCOOKIE_336=5844-6957878956210444843; KRTBCOOKIE_57=22776-1365133449731120450; KRTBCOOKIE_218=22978-YNWZgwAB5PXnMQBg&KRTB&23194-YNWZgwAB5PXnMQBg&KRTB&23209-YNWZgwAB5PXnMQBg&KRTB&23244-YNWZgwAB5PXnMQBg; KRTBCOOKIE_466=16530-c7f05d68-bbd4-4fac-bea0-6336ec866104; KRTBCOOKIE_22=14911-7834068029299504277; KRTBCOOKIE_27=16735-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&16736-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23019-uid:898060d5-9983-4500-9be7-780fed79589f&KRTB&23114-uid:898060d5-9983-4500-9be7-780fed79589f; SPugT=1624611203; chkChromeAb67Sec=2; DPSync3=1625788800%3A221_226_227_201_197_219%7C1627171200%3A232%7C1624665600%3A174; SyncRTB3=1625788800%3A104_54_165_189_231_222_22_166_234_7_88_13_99_233_21_220_8_204_5_56_81_161_55_71_176_78_57_3_230%7C1625184000%3A2_15_67_223%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1629763200%3A69; KRTBCOOKIE_188=3189-no-consent; PugT=1624611205
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-NmcksfifkFx7LEDqqz92XCO1; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:25 GMT; path=/ PugT=1624611205; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:25 GMT; path=/
x-lat
lhrpug016:0:857
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 25 Jun 2021 08:53:25 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=NmcksfifkFx7LEDqqz92XCO1; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NmcksfifkFx7LEDqqz92XCO1
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 27D4 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 25 Jun 2021 08:53:25 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 296F
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3424024376081677699
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3424024376081677699
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:260
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 08:53:29 GMT
X-Proxy-Origin
212.102.36.146; 212.102.36.146; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6d2756c0-bd28-4289-85b7-1514c09b15f3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3424024376081677699
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 296F
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4935f4b0-f926-4d03-96ef-2a032997491d
42 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4935f4b0-f926-4d03-96ef-2a032997491d
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:625
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_4935f4b0-f926-4d03-96ef-2a032997491d
date
Fri, 25 Jun 2021 08:53:25 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
i.match
s.tribalfusion.com/z/ Frame 8380
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a2noeUP3rTmCiAyVsE6OPORcvZc4VThEsTCYN2ikr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:26 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aTntmINj6WkCyhURALhZctLsqMvZaYWSbMw4ooZbvYsUGWNv11UBBjbn6x7wZboNEZblygTTdYLYTjW1g5iP4eAwhGbAG; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:26 GMT; SameSite=None; Secure; ANON_ID_old=aTntmINj6WkCyhURALhZctLsqMvZaYWSbMw4ooZbvYsUGWNv11UBBjbn6x7wZboNEZblygTTdYLYTjW1g5iP4eAwhGbAG; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:26 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8cb6b00002c420b383000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf7257bcb2c42-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 25 Jun 2021 08:53:25 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
422
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a2noeUP3rTmCiAyVsE6OPORcvZc4VThEsTCYN2ikr; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:25 GMT; SameSite=None; Secure; ANON_ID_old=a2noeUP3rTmCiAyVsE6OPORcvZc4VThEsTCYN2ikr; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 08:53:25 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0ae3f8caba00002c4237b55000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664cf72458d52c42-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2261
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
1 B
87 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PugT=1624611207; PUBMDCID=3; KRTBCOOKIE_107=1471-uid:S5FemGaf1LWHAz5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug020:0:209
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-tdq42
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=yKqB63QBXvpw;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 20-Jun-2022 08:53:29 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=d68a5be1b65392ba; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=yKqB63QBXvpw&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
141
match.deepintent.com/usersync/ Frame FBD2 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 25 Jun 2021 08:53:26 GMT
server
b
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4D21
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=9cf9dc5c-608c-47b9-8634-0cb8c1b64a24-tuct7cf1f05
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 25 Jun 2021 08:53:26 GMT
via
1.1 varnish
x-served-by
cache-hhn11568-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624611206.188867,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 25-Jun-2022 08:53:25 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a0c4ae0d-6c26-478f-8fe9-4a3ae06af66f-tuct7cf1f05&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 25 Jun 2021 08:53:25 GMT
via
1.1 varnish
x-served-by
cache-fra19181-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1624611206.808339,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame C736
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1624611207027; TapAd_DID=9485694f-4e28-4dc5-bb06-bb62098e62d4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 25 Jun 2021 08:53:27 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1624611207027;Expires=Tue, 24 Aug 2021 08:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=9485694f-4e28-4dc5-bb06-bb62098e62d4;Expires=Tue, 24 Aug 2021 08:53:27 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame AB10
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:S5FemGaf1LWHAz5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/ PugT=1624611207; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug016:0:309
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 25 Jun 2021 08:53:27 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:S5FemGaf1LWHAz5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=S5FemGaf1LWHAz5; Domain=.w55c.net; Expires=Mon, 25-Jul-2022 08:53:27 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 25-Jul-2021 08:53:27 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 296F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd730de-d592-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd730de-d592-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:376
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cfd730de-d592-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Date
Fri, 25 Jun 2021 08:53:28 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
cfd730df-d592-11eb-ab86-a799382bd3d2
Pug
simage2.pubmatic.com/AdServer/ Frame 3B54
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
42 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PUBMDCID=3; KRTBCOOKIE_107=1471-uid:S5FemGaf1LWHAz5; KRTBCOOKIE_279=22890-cfd730de-d592-11eb-ab86-a799382bd3d2&KRTB&23011-cfd730de-d592-11eb-ab86-a799382bd3d2; KRTBCOOKIE_860=16335--xckd92OTudtJQRyR2RAt9RmJJI; PugT=1624611207
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-eMEtTZerTBJswn9UxYwQbtRmJJI; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/ PugT=1624611207; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 08:53:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:27 GMT; path=/
x-lat
amspug003:0:476
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 25 Jun 2021 08:53:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=eMEtTZerTBJswn9UxYwQbtRmJJI
Set-Cookie
sa-user-id=s%3A0-78c12d4d-97ab-4c12-6cc2-7f54c58c106e.SZDgWppTDvpIqnsKGfbCSjSo%2BBzpUqoP5TkhI7xflgE; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-78c12d4d-97ab-4c12-6cc2-7f54c58c106e%24ip%24212.102.36.146.H%2FHA0dQylKEZBntBUPxaqm8vNa1lR%2FWVPJOApDamB1o; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 56F5 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 08:53:29 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame E805
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 08:53:28 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 08:53:28 GMT; path=/
x-lat
amspug010:0:2642
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 08:53:30 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:D48298C7C4F54346BE586EA4700650F0
set-cookie
suid=D48298C7C4F54346BE586EA4700650F0; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 08:53:30 GMT; SameSite=none; Secure; suid_legacy=D48298C7C4F54346BE586EA4700650F0; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 08:53:30 GMT; Secure;
expires
Thu, 24 Jun 2021 08:53:30 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
50x50-02.png
p3.isanook.com/sh/0/di/ Frame 3D06 		356 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/50x50-02.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b85a4c4ba3263d5ac11d8648a9f29dd5b1f68baf31c57a23a0918d7b6f23aa3b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
W/"PSA-aj-cHt0Yl7Qmt"
content-type
image/png
x-nws-log-uuid
1978790541951204298
accept-ranges
bytes
content-length
356
1.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/1.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:05:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:28 GMT
server
Lego Server
age
0
etag
"60d40e60-62e"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7841570980531594296
accept-ranges
bytes
content-length
1582
expires
Sat, 24 Jul 2021 10:05:52 GMT
2.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/2.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 08:14:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60d40e60-70c"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
4489117351553543209
accept-ranges
bytes
content-length
1804
expires
Sat, 24 Jul 2021 08:14:36 GMT
3.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/3.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:54 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-be5"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
11939185938384304531
accept-ranges
bytes
content-length
3045
expires
Fri, 16 Jul 2021 16:30:54 GMT
4.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/4.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:08:49 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 14:46:51 GMT
server
Lego Server
age
0
etag
"60d49adb-1381"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4021706881128834528
accept-ranges
bytes
content-length
4993
expires
Sun, 25 Jul 2021 08:08:49 GMT
5.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/5.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 14:12:33 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-d50"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17862815835442750237
accept-ranges
bytes
content-length
3408
expires
Fri, 16 Jul 2021 14:12:33 GMT
6.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/6.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-efa"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13526399627283197477
accept-ranges
bytes
content-length
3834
expires
Fri, 16 Jul 2021 16:30:56 GMT
7.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/7.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:30:52 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-1f61"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16987086423127924454
accept-ranges
bytes
content-length
8033
expires
Fri, 16 Jul 2021 13:30:52 GMT
8.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/8.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:09:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:28 GMT
server
Lego Server
age
0
etag
"60d40e60-748"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
643750065938457538
accept-ranges
bytes
content-length
1864
expires
Sat, 24 Jul 2021 10:09:53 GMT
9.gif
s.isanook.com/sr/0/images/emoji/ Frame 3D06 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/9.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 12:48:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 10:11:22 GMT
server
Lego Server
age
0
etag
"60d45a4a-6c8"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8044946234609326077
accept-ranges
bytes
content-length
1736
expires
Sat, 24 Jul 2021 12:48:17 GMT
truncated
/ Frame 3D06 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
getimage.php
getimage-member.sanook.com/ Frame 3D06 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getimage-member.sanook.com/getimage.php?avatartype=2&gender=1&imgurl=http://member.sanook.com/sanookmemberimage/null.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.199 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
/
Resource Hash
ebad9fa972a9c72ab9a910ba5dd5db724461f9cb04704cacc708c6b0028c45c2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 08:53:29 GMT
Connection
keep-alive
Age
0
Accept-Ranges
bytes
Content-Length
1482
Vary
Accept-Encoding
Content-Type
image/jpeg
discussion2013.png
p4.isanook.com/sh/0/di/discussion/ Frame 3D06 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4.isanook.com/sh/0/di/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:27 GMT
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"PSA-aj-hTdBBbAZpp"
content-type
image/png
x-nws-log-uuid
12525125062932022123
accept-ranges
bytes
content-length
15424
discussion2013.png
s.isanook.com/sr/0/images/discussion/ Frame 3D06 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:27:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60cc0342-3c40"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
6386547211538614363
accept-ranges
bytes
content-length
15424
expires
Thu, 22 Jul 2021 07:27:17 GMT
getimage.php
getimage-member.sanook.com/ Frame 3D06 		741 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getimage-member.sanook.com/getimage.php?avatartype=2&gender=1&imgurl=http://member.sanook.com/sanookmemberimage/4796e71e-9c85-4290-bcbd-62683e5a70b6.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.199 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
Software
/
Resource Hash
57f91dc95daf178989dba01cfa17160e9fb86302e83925f7b02edf2c99369675

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 04:50:43 GMT
Connection
keep-alive
Age
446565
Accept-Ranges
bytes
Content-Length
741
Vary
Accept-Encoding
Content-Type
image/jpeg
nr-1071.min.js
js-agent.newrelic.com/ Frame 3D06 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1624611211.231578,VS0,VE0
date
Fri, 25 Jun 2021 08:53:31 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
64
syncframe
gum.criteo.com/ Frame 4142 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=60d5997ba3e55.agencecw.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=60d5997ba3e55.agencecw.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1928
set-cookie
uid=7e73d942-f248-44d6-86a5-9b17ecc2a120; expires=Sat, 25 Jun 2022 08:53:30 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Fri, 25 Jun 2021 08:53:30 GMT
content-length
1129
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D06 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062205&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f19ec78e495da89c420a43139383a78d4586ae1cc74ef94d369b5e7e24047653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 08:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D06 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:53:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 25 Jun 2021 08:53:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F41B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 25 Jun 2021 08:27:10 GMT
expires
Sat, 25 Jun 2022 08:27:10 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A6E6 		783 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d0a3b804b4461077459409d9160518d0cec0e771740a40792ae5da6301471028
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aLcMLrgvHmw0xVXjbOk82A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Fri, 25 Jun 2021 08:53:30 GMT
date
Fri, 25 Jun 2021 08:53:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-aLcMLrgvHmw0xVXjbOk82A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XJNuD862gf4f0nvPPAbjPwJNpey2j9-BZmGDGqAPjUA.js
pagead2.googlesyndication.com/bg/ Frame F41B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XJNuD862gf4f0nvPPAbjPwJNpey2j9-BZmGDGqAPjUA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c936e0fceb681fe1fd27bcf3c06e33f024da5ecb68fdf816661831aa00f8d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 06:16:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5736
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jun 2022 06:16:11 GMT
8f062114d3
bam.nr-data.net/1/ Frame 3D06 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=14704&ref=https://www.sanook.com/news/8357734/&be=3516&fe=14551&dc=3637&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1624611196160,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:409,%22c%22:409,%22s%22:444,%22ce%22:1104,%22rq%22:1104,%22rp%22:2782,%22rpe%22:2991,%22dl%22:2784,%22di%22:3637,%22ds%22:3637,%22de%22:3637,%22dc%22:14551,%22l%22:14551,%22le%22:14564%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062205&jk=1525235224083617&bg=!BgWlBUHNAAYo4NJEKOA7ACkAdvg8WgVnB7aCGQQrSkSaoH_W-AT0KdnkaEcE3Ym7T_KLHC8rs5f1vAIAAAB3UgAAAAxoAQcKANCq82dJJVPwd8-tff686tazvRgUmY7Ibziy1dAP7XJ0e28G_NXmjv57xTzZBUPXZebYoknmCncJF9oz2rwLI_vBaT8o3wliHXnT5qec2OgGEk1vkYW-xIzf6P4zNY4H5spbOVV7GSHhAOcsZ7rjSUufQYcbZnuWANLdlzGP3mUDe8aWGIRiqMEYT0nLzGOT65vFvO9suKEQtekPY2VLIptPFW62wuA6hFQynpEfTByU7Ia5q8gGTiESEF-Dh-Ybe6A8BMRaVZIbdp4LPCoV6EgMmQKIMXHVxQ84Synz2mfluqf3EiuLeU9XM4En5sMFxAVaPqK5YMRZoGC8OJ0A5_ZTd-55EKI7itgy7Yy_opv3U2bo6lqJOXbkPXLlQdP_OSSPf0FCKDhnIqBTQApUt_m7rYK2c-4stDkx66R7xO54l2htUWmtay2ryzYbkbsJ4G7k-4wgQNrkN-JsacH_Ef_NLwWdMv8YMIPZXuQ7gmjfah-VSoYKZTRh9uMuqz9gXNapblyrpzsKQY0znzeX9jZ1Zx6F-HhmTBS6tKovb2Y0IoU81vIujN7mfw6ffYC7gw-H0Z494x2k1p2TnQI9O0TsxFu6PsMYRXZk-ROJYkEVnqONSy7hbFV9twbfPEtJoenpOaJIT7Llg_v8mWf4tYDWg5DHZcFMTlh7EhhfMXOon6iAD2wIaYVt1kjZ7Qlrxd3AX4BOSloLB50B1OnJ_Y6HyeyBZKJkekJ8hN1aYAi42LTvLmIcglGs5LZKEEd3APKLpuQ_slGeWpSl41fyLwVcP1V0C9oRrGnKdxLdQzglJGA4pBMx2rMJi3EPUTEXw6ZDeb9b4vsg2mNmzj_foODAeVmd_q0PNXwKvB2R7a-LO5XWiw9pBDW7r9GzhVLEVkOZyJlqKEf3FXo_ilgz9HNKBc7okkdbH3GpZBje_gE1dvM5153oZurGea-A3WLoUB41Y7mxFcI6nnvPSS6fTiBZhZ0COE7zkuslg6XhM0WbrShY1vLRqsoTPV1VS3VZ9NXwQ9eptjg1TafWdT6aM05fcUbVQ_7HBYMFEfTyLml-4FpsfDQm8uxTKGt65Hvz4aQOTI614drR7dwHzksxrlx8D_hDRWBRgrmoUzWx8ir-qBlIE3zmupLAqhTO
Requested by
Host: 60d5997ba3e55.agencecw.com
URL: http://60d5997ba3e55.agencecw.com/ju2406/317-smwqyelai.htm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 08:53:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ Frame 3D06 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 03:31:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
2114
server
Lego Server
age
19180
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
229873786031815894
accept-ranges
bytes
content-length
1054
expires
Fri, 16 Jul 2021 03:31:24 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ Frame 3D06 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 13:28:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
3433
server
Lego Server
age
0
etag
W/"5d9c5105-d69"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2780077967717523353
accept-ranges
bytes
content-length
831
expires
Thu, 08 Jul 2021 13:28:59 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ Frame 3D06 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.113 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:03:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 05:33:33 GMT
server
Lego Server
age
25400
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5428875538305920600
accept-ranges
bytes
content-length
14046
expires
Fri, 16 Jul 2021 09:03:22 GMT
/
notification.sanook.com/socket.io/1/ Frame 3D06 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:8406/socket.io/1/?t=1624611219147
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.54 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
Software
/
Resource Hash
1c5796d23b3c4b5125e3bcbce113dbb7079e6584fde7ef55baa3d7986276472b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Fri, 25 Jun 2021 08:53:40 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8MLa0BPoD5rnXKOW-YEfCS4JPJLFPht4BwQCzY9upn3VSM6KTXy9xaj1Oco8vKi1Lg7fgLxyr0h5lqXX7W_u4Z7_iQQJQUsemLHGddY18kddsR9mJ&sig=Cg0ArKJSzDi_elxK1ZtcEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=2513669353&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&eosm=0&rst=1624611202742&rpt=183&isd=0&r=u
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM9u-U7d0L3M0FnNPz_6ZhLlQkmkosC4wQ9QBUR-HbINGGq2iwg8LHcXE6oCNIzSsPJuo_WQNO9_SMbStppyKpi4Ha0C6T6t5RRzW8NG9ZMQKT6u0S&sig=Cg0ArKJSzEhqdbz5B0fcEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&eosm=0&rst=1624611203174&rpt=44&isd=0&r=u

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.criteo.com/ Name: uid
Value: 7e73d942-f248-44d6-86a5-9b17ecc2a120
.pubmatic.com/ Name: PUBMDCID
Value: 3

81 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js(Line 1)
Message:
Error: Bad response from server
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api info URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2106141722000 https://www.sanook.com/news/8357734/
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
ResponsiveVoice r1.6.1
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
isHidden: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Prerender: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Configuring

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a4111afefe48e90d65202bb63827d65.safeframe.googlesyndication.com
60d5997ba3e55.agencecw.com
842e78ff235f0913ed82fbab8c52f818.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.u1sf.com
appx.sanook.com
as.innity.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
code.th.giraff.io
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
getimage-member.sanook.com
ggermpir.agencecw.com
googleads.g.doubleclick.net
graph.facebook.com
graph.sanook.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-agent.newrelic.com
js-sec.indexww.com
loada.exelator.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
notification.sanook.com
p3.isanook.com
p4.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-eu.andbeyond.media
rtb.gumgum.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
pagead2.googlesyndication.com
101.33.11.110
104.111.224.62
119.81.192.134
13.225.87.8
142.250.184.226
142.250.185.226
142.250.186.162
149.129.240.178
149.28.140.151
150.109.191.113
150.109.206.145
151.101.13.108
151.101.14.110
151.101.194.49
154.59.122.79
159.253.128.188
162.247.242.21
162.55.6.211
169.197.150.7
173.231.181.122
178.250.0.165
178.250.2.146
178.250.2.151
178.62.202.251
18.198.69.109
18.210.5.212
184.30.21.51
185.183.112.148
185.29.135.234
185.33.220.242
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.226
185.64.190.80
185.64.190.87
198.148.27.140
199.232.137.44
2.18.233.180
2.18.234.21
2.21.111.28
2001:678:cb4:bbbb::11
203.151.133.54
213.155.156.166
213.19.147.44
2606:4700:10::6816:1857
2606:4700:10::6816:4f7b
2606:4700:20::681a:ad1
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:ba51
2a02:fa8:8806:16::1370
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
3.124.143.99
3.126.56.137
3.228.62.17
34.98.107.212
34.98.64.218
35.201.96.126
35.227.248.159
37.157.4.29
37.252.172.249
38.27.122.101
51.210.112.63
51.89.20.87
52.208.210.171
52.49.183.138
52.58.182.33
54.174.195.234
54.194.211.3
54.194.226.253
54.226.209.67
54.78.254.47
61.91.93.188
61.91.93.197
61.91.94.132
61.91.94.198
61.91.94.199
66.155.71.149
72.21.206.140
76.223.111.131
77.243.60.138
77.245.57.78
85.114.159.93
87.98.242.60
013e77207d2571e6b069d9a03161bb56fca5020005c79550b18bf2a774b0e3ac
06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34
0701539536ae365a201af6f56d9395dedb157854942c831daaab161c0373aabe
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810
0768282e8e3d05d741cd2c30884aaab1d7adbdb75dc1ac497e39c0f47b9cf91e
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
07d6b660e6ed760205990b476160f1fa1bc18ad4b569368640809c3b067f843d
0801c6f675417d682c3909e0ed2a9bd69f47a4f1c9f1e2eb02719f9a6f4e2d21
082dba94d91d1d56ee0b33a679a2085c36a3445f10286c22e0c82cccf4a7639b
08674e3ab08fb18e1ecd514aa288e4d1b8eb5be5a5b730f80a4416e10a39c435
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c83223465e0ea00d4676d4ef4d6790a988fb858b6306d8d143bc24565e0e2f0
0d00eb57cae504dd662f2c938bb454085ab0a357b4fbd032ca54a6e9579825df
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e04bf0bddbdb5544b6d570c7cfb466a8b91931f25032d7fa4ccd3b180d99ea
13b0e40192eec4b88d7eb7f14d3b9579febb47b211bd1a0a336a34b3b6c30383
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
14f06f756f4875d5b442a5d0420ffbea7e6fdad87b02304d460fb9b82f87adac
15a72a9e58687b6f90025061346ea23e50c3e7e5ba99e82119e5eb0ce81c5911
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
177322a3ab92d483a5d87d30a5ab810840d59f2933c22a4f47e381f00c93238a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1c540bf66da12459e01db47dfa07ab5426068b2a30a9d02b0ea9b19e8d68e740
1c5796d23b3c4b5125e3bcbce113dbb7079e6584fde7ef55baa3d7986276472b
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2
1e32dc815b113b4d99c0e1fc93c8ab31b3ad2af90d84a255eb6ce01333bacdac
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
2036793458cbb7533a464ef19f0232632cac7eaaadb37523c8f181d6b15d100b
21343604052d4a69c3888921f27a8c03d75bfb7f88482f0723b95402186840c3
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
22a9f0f6e04b188b31067032d3737c479fe59165d3ec692aaef364a040d910d4
258f14852296bcb0d2a756302b8825f5edd0734c20f297c2acfa6cd2739fcbc7
29923abfacb3e1e34a0a7c29d4b26f120709aeb6aa0fb4a4f099f16dc5bdd8aa
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f82babb182ca4232866bdf3a78abf7552bff9406e77460e119225662691b615
3024b701829b174c63206b6573a240f977f723b82d83f91e40ecdd7c031ebf67
31384c40690287283e6448a7c83fc24cb1c39917a5a07c6a8c1c211e0f6400b6
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3413546cd73157275f8157c72a5e215f214db5b1246275e31ee23b01bddd5d9a
34249dfa77ab32bd7186413cca8cd9ab6f8a4380a70ca430239a5e8621a27953
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36f01fb32ce23161680e1cf2b284e41ba149de9d9374ca5b9e6a4c1e962dce53
37053151da3dfc04429ee24ab26a202d842a15abb2d7dd77794bd06056cadd47
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
3c8c7fe30a9b9b5288a2a709cde16beab2d8605e02bec09f7485522ad1750dbe
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44eb0ac8bcd9b192518b53eaad09c84e4c0f1f674c7c4bfac85db1a546ea3997
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b
45cbafae8ba3e0b10ba3e687de358b9aeae48fc5370d2c3918b875bc7e0a737f
4675e01e3e468eea89ea62ddb668821c8fc9848d0abe5d2078ddb95ab45d638c
4758901020246457149c6ef9bae2075bf8df960885cd0e20757dcdcccf7726b5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b3f7e7a2f6a5550346242522fc341b2baa4d93b28a8b7d3b435df2b760e11fa
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
526d1b11c53bff7776c18ae3e260c072c0ad424084a337290914af5ac0facc1f
53363ace03e05a4adfa183a1ee96c972a73111a8e699cd68f65a112d4b75a67f
537c97664a51cbfbb940448f6ada0b58840246b4d4f8a16e14f04c869ffc408c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02
55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a
57f91dc95daf178989dba01cfa17160e9fb86302e83925f7b02edf2c99369675
58c9b88f5e2cee331d43bac233cc73741a34044f7907a94f9aa7c2325713ef7d
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5c936e0fceb681fe1fd27bcf3c06e33f024da5ecb68fdf816661831aa00f8d40
608b41bc7f69d5c35fb97eb4e0b0d7e6957abd4a042077b6595fc564c5b5da0a
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
63e8047c63028068730c27ccc69363828daeba37ef2852ed7d62aae258cd24b4
646577f93fe7d6aff532a3f65d5faaa06cbf7f09db9e0a2cfc42810192c8aaa5
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
653a4e12d09d03b72922721183af52159f5942cdafdcfb10998a9b155943a203
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
664186e51f08ee452a19dc92c51b65fe47486c738197bc5f4d6b415e37be0183
68a9a41cbc2a7d7d4402729f27ef4a82c377970ffe655ec6d5988212f0dc08b1
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7
6c91f2120eec92dac8f5b68e488ce4ba750c005018966b6e21b347bcdb9a9757
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43
73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
785143cb8b94b7496c35f5bb2dd6dc7fd7ead6b1abe88379eaf2d40542cb857a
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
7a69e55ed1d1b61a39dc9d50bd012fcee5a769d67e9fd9839cff10f5a6b21322
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7e534f1f3ddd829a2d516e363e2c5e067ecbdf2c51c7d5ff539c732e7f17fd04
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
804ae012952ae47354f04919ff16ce5306964a7bddef9ec34fe104bf463a45bd
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba35f34af6de73ab628c44df7738555bda8b6913f392619851052b8432bcd3
84e997d846f0b228470dd7db80106fee6ccb015c7d915d16cac9deb5cf5f15d5
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
8819ffbe1cf584b175df08977884d43fb260513cc4b9d715e5274648303966c0
8ac63f14fa9230ad1d01c6c091dc8eeb2a24aa9b9ee072309852bfe3a6b6e3cd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8f0317607736874c20fe0a105a9dfd25e53409997eab28b3db331f87001392cd
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90a95aaeeb4c8775d61af89ad2406ae6fac8ecf3ec8869b19444091e0121e7f4
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e
9997bd928ce8f9daff4c395014eb0b69511237ae1534f2030ef4c03bb63ad082
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b432db8bfed4434ed2682bd0a4e16e01c8193f670a8de52fc5284f32cd9df90
9decef39ccc841e8b992f0140cb2f298d87f9ccf35a58f809b4c3eadbb0791f0
9f022d21dbd014c80281cb2ad63c5d9590299cdec9e178955cdda4a91bf7adb2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4148beda0bd8d0202f20db810aa194a5a8b49bdc430a217d3d14ebcbdea2be0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f13295a972f241e42e7c7d4c287c890a03b15d6d5e502dbc37496f165adaeb
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6f63aa297624d8ddcea074ab9ebb96a9e0157cec10aad7c8c89efd9fb37430f
a72de38880d82bc98ab7aecee4d7398a16b468b92f50e946a33c897a5e39b0c4
a733195e748a38d2a22d4f029bb94fa50f7db45c002086a4dd94d1826f6c52d0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8868c27fa14b037ce768c9458d714d87a5f641e0ec01b6f1c2784ff72e58361
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac1716468e92e7f66d6720acf96132e7ff1f1d5d45517a1ff4527e96ee3186bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221
b5f59198c0abcdb520acd946c16d9d9b30e4377aca3ee8f0221c9bc6a24acda2
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b85a4c4ba3263d5ac11d8648a9f29dd5b1f68baf31c57a23a0918d7b6f23aa3b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818
bcd44db972bcd70526a04c7459652d82e65c6aee369ec728143be6053667d57a
bcea6ed2b03d8890a03a4e1bbb57c2237e75af15fff58f56b9ffb5bdfef0ca4e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3785a4240ab5f25b058e4f35b0e8cf9734533ef8a13652bd2e86158f89a9c9e
c4dbc7c38fc0967b356d85f9d27649310a42ef71a56aef86f85a049866df5cac
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cd6038c5672792bce93856c78068a09d1f7162f06ec43c7e0675f91c9a6130df
cd61d37309df288e285bc59d1c9ec3fc4507ff265b33687d6c445cf10c63642a
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a3b804b4461077459409d9160518d0cec0e771740a40792ae5da6301471028
d0f258800227dc65271e0af571cf31f56fe775f26c9aadc0713e3aafc8acb822
d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21
d1e7e3564fa14f4f2b60b7500f69ed42e3a74875dadc6ce9eebc210117599af3
d26dc8e0f543117e511d18da787e445453354869441f45adc469d2b010312427
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d2e6255eb271b2bf928a1e042dce115c78cbd55a8c9c546c8ea1812f2177bb92
d31f3d46db0cb1cbe85a8028e04fb2e689280f80410523589f193555e3e65552
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
da489dcc3cf9cb444da375b154b709dc4bbc4134719f8c0c496f9a7effd59a4b
db3d7a459ef00d57d831d6413327f4dcf6e4d5e236b536c820b6e28c515d653a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf9964d79fd304f55f0253cb9c7f2def776ff9fe5c47d91cb9ea1f3c9aeedb5
df6f6e86d22f45d198ecf2035b48db1518882150d31f078b781f7cd19f3a1707
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3be9c6cac1579965c220c3f3f1f61af46d3a82f21b4b8ac2f4177d9521349ec
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
e6701152297ff536bf907a6566cace758ec7dc842dad945a8a6b56ae0e7d6a3d
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f
ea2c39081b8ee3bcfb96a359e5098a8a87e8c5e372c0e0be56d0bbb8b77a2089
ebad9fa972a9c72ab9a910ba5dd5db724461f9cb04704cacc708c6b0028c45c2
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ed45ebbc8da67e9d806ac2cf5e4dbf7eb1d2f262d564a04c8ed6469990a460c9
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01cd6902463d93f2fdecedf90ee4bdbabd4c41603604ee9db65a9087894301b
f19ec78e495da89c420a43139383a78d4586ae1cc74ef94d369b5e7e24047653
f1f031acac4bb260679ca40ced78634aca191a4b7afd0ddaa4a1c108324c3749
f2e189a61f0132519a26f1862d947dabe40e809e8e925c3813226fa0fde8c48f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6fd0df45e5f312d62a1a3577dc328cfd9b9965789e5696be957de878af76b3e
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47
fae676bfac0f06f3d0c8ff2bc5d6c6828bcfcec7de3921afbd469f2d4db89e07
fbdc27db510ab0461c8e635479fbd6408d40104c5ecbac79b3154b4db5596f97
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e
fc61ab236001bf8b92cf09896b05d7c438076184f15f3706e2ddebecf946850d
fdab02d314f91a4c6d536bad740de38135ade87116942b22600c8ddaa0b8a4e5
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b
feb5d4ffbb0918d3533b174265720e1a1beeb2c456ecc6c29635540a9b30923b
ff3cb347449e2b4f63248f760ab9245d33bf3c84fa0492b477a9109736677b66
ffa970c77ba7493f0566a17443539f56200a2bd93781acf82ec0b77cb106e19e