urlscan.io logo urlscan.io
SecurityTrails logo

60d59a636ee0c.agencecw.com Open in urlscan Pro
149.28.140.151  Public Scan

Go To Rescan Add Verdict Report
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Submission Tags: 7198070
Submission: On June 25 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 12 countries across 79 domains to perform 417 HTTP transactions. The main IP is 149.28.140.151, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is 60d59a636ee0c.agencecw.com.
This is the only time 60d59a636ee0c.agencecw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 149.28.140.151 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
3 61.91.93.188 7470 (TRUEINTER...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
98 150.109.191.115 132203 (TENCENT-N...)
3 2a02:2638::3 44788 (ASN-CRITE...)
7 150.109.206.168 132203 (TENCENT-N...)
1 2a00:1450:400... 15169 (GOOGLE)
1 101.33.10.52 132203 (TENCENT-N...)
3 61.91.94.132 7470 (TRUEINTER...)
4 2a03:2880:f01... 32934 (FACEBOOK)
5 2.18.233.180 16625 (AKAMAI-AS)
2 172.217.18.98 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 216.58.212.162 15169 (GOOGLE)
1 3 65.9.77.122 16509 (AMAZON-02)
3 104.109.76.50 16625 (AKAMAI-AS)
3 119.81.192.134 36351 (SOFTLAYER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 61.91.93.197 7470 (TRUEINTER...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 61.91.94.198 7470 (TRUEINTER...)
7 185.64.189.112 62713 (AS-PUBMATIC)
8 178.250.0.165 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 14 185.33.220.242 29990 (ASN-APPNEX)
4 28 35.244.159.8 15169 (GOOGLE)
4 2.21.111.28 16625 (AKAMAI-AS)
4 184.30.21.51 16625 (AKAMAI-AS)
4 149.129.240.178 45102 (CNNIC-ALI...)
4 77.245.57.78 36057 (WEBAIR-IN...)
3 185.64.190.78 62713 (AS-PUBMATIC)
7 8 37.157.6.246 198622 (ADFORM)
2 2 213.155.156.169 1299 (TELIANET ...)
9 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 27 185.64.190.80 62713 (AS-PUBMATIC)
6 6 52.49.183.138 16509 (AMAZON-02)
17 21 216.58.212.130 15169 (GOOGLE)
3 3 198.148.27.139 19189 (PULSEPOINT)
1 185.86.139.115 201081 (SMARTADSE...)
1 1 162.55.6.212 24940 (HETZNER-AS)
7 7 185.29.133.199 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 2 146.59.148.16 16276 (OVH)
4 6 54.78.254.47 16509 (AMAZON-02)
3 4 159.253.128.188 36351 (SOFTLAYER)
2 11 13.248.242.197 16509 (AMAZON-02)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 3 18.156.0.31 16509 (AMAZON-02)
6 7 2620:116:800d... 16509 (AMAZON-02)
2 2 151.101.14.49 54113 (FASTLY)
3 3 52.57.142.16 16509 (AMAZON-02)
2 2 18.159.8.206 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.89.21.21 16276 (OVH)
1 54.194.226.253 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
12 42 2.18.234.21 16625 (AKAMAI-AS)
4 2.18.232.130 16625 (AKAMAI-AS)
4 8 54.239.17.112 16509 (AMAZON-02)
2 2 35.171.130.4 14618 (AMAZON-AES)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 135.125.8.70 16276 (OVH)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 2 54.204.142.198 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
7 185.64.190.82 62713 (AS-PUBMATIC)
3 185.64.190.81 62713 (AS-PUBMATIC)
2 2 213.19.147.44 26120 (RHYTHMONE)
2 2 188.165.4.142 16276 (OVH)
2 72.251.241.196 29791 (VOXEL-DOT...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 38.91.45.7 398989 (DEEPINTENT)
2 2 2a04:4e42:3::300 54113 (FASTLY)
2 199.232.137.44 54113 (FASTLY)
2 4 35.227.248.159 15169 (GOOGLE)
4 4 18.159.182.76 16509 (AMAZON-02)
2 2 34.205.3.24 14618 (AMAZON-AES)
2 38.27.122.126 174 (COGENT-174)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
2 4 77.243.60.138 42697 (NETIC-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 2 34.98.107.212 15169 (GOOGLE)
2 2 185.33.221.91 29990 (ASN-APPNEX)
2 2 54.194.104.251 16509 (AMAZON-02)
2 2 54.226.209.67 14618 (AMAZON-AES)
2 61.91.94.199 7470 (TRUEINTER...)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
1 203.151.133.55 4618 (INET-TH-A...)
417 86
1    149.28.140.151 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.140.151.vultr.com
60d59a636ee0c.agencecw.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
98    150.109.191.115 (Bangkok, Thailand)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
s.isanook.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    150.109.206.168 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
p4.isanook.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    101.33.10.52 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    61.91.94.132 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-132.static.asianet.co.th
sal.isanook.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
19    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3    65.9.77.122 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
3    104.109.76.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-76-50.deploy.static.akamaitechnologies.com
avd.innity.net
3    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
1    2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
1    61.91.93.197 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-197.static.asianet.co.th
appx.sanook.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    61.91.94.198 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-198.static.asianet.co.th
api.u1sf.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    2606:4700:10::ac43:1ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
code.th.giraff.io
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com
bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com
14    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
28    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
4    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
4    149.129.240.178 (Jakarta, Indonesia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
as.innity.com
4    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
8    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.169 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
9    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
27    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    52.49.183.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-183-138.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
21    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
7    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
6    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
loadm.exelator.com
4    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
11    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.57.142.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com
id5-sync.com
1    54.194.226.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
42    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.171.130.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
3    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    54.204.142.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-142-198.compute-1.amazonaws.com
um2.eqads.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    188.165.4.142 (France)

ASN16276 (OVH, FR)
green.erne.co
2    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
4    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
4    18.159.182.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-182-76.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
2    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    54.194.104.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    54.226.209.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    61.91.94.199 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-199.static.asianet.co.th
getimage-member.sanook.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
1    203.151.133.55 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
notification.sanook.com
Apex Domain
Subdomains		 Transfer
108 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
p4.isanook.com
2 MB
65 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
275 KB
38 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
38 KB
38 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
283 KB
28 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
7 KB
20 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
82 KB
14 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
5 KB
12 googlesyndication.com
f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com
bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
57 KB
11 adsrvr.org
match.adsrvr.org
4 KB
8 amazon-adsystem.com
s.amazon-adsystem.com
4 KB
8 indexww.com
js-sec.indexww.com
8 KB
8 adform.net
c1.adform.net
4 KB
8 google.com
www.google.com
adservice.google.com
2 KB
7 quantserve.com
pixel.quantserve.com
3 KB
7 mathtag.com
sync.mathtag.com
4 KB
7 innity.com
avd.innity.com
as.innity.com
7 KB
7 facebook.com
www.facebook.com
graph.facebook.com
149 KB
7 sanook.com
www.sanook.com
appx.sanook.com
graph.sanook.com
getimage-member.sanook.com
notification.sanook.com
43 KB
6 exelator.com
loada.exelator.com
loadm.exelator.com
5 KB
6 bidr.io
match.prod.bidr.io
3 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
3 KB
5 google.de
www.google.de
adservice.google.de
1 KB
5 googletagservices.com
www.googletagservices.com
153 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 tapad.com
pixel.tapad.com
995 B
4 taboola.com
trc.taboola.com
match.taboola.com
1 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 simpli.fi
um.simpli.fi
2 KB
4 andbeyond.media
rtb-eu.andbeyond.media
1 KB
4 teads.tv
a.teads.tv
988 B
4 facebook.net
connect.facebook.net
175 KB
4 google-analytics.com
www.google-analytics.com
75 KB
3 owneriq.net
px.owneriq.net
1 KB
3 ad4m.at
ad4m.at
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 criteo.net
static.criteo.net
39 KB
2 ipredictive.com
sync.ipredictive.com
1 KB
2 gumgum.com
rtb.gumgum.com
672 B
2 playground.xyz
ads.playground.xyz
725 B
2 sitescout.com
pixel-sync.sitescout.com
674 B
2 zeotap.com
mwzeom.zeotap.com
749 B
2 bnmla.com
match.bnmla.com
224 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 deepintent.com
match.deepintent.com
83 B
2 adgrx.com
cm.adgrx.com
816 B
2 erne.co
green.erne.co
651 B
2 1rx.io
sync.1rx.io
486 B
2 eqads.com
um2.eqads.com
564 B
2 dyntrk.com
gu.dyntrk.com
850 B
2 advangelists.com
nep.advangelists.com
463 B
2 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
291 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
744 B
2 onaudience.com
pixel.onaudience.com
736 B
2 de17a.com
d5p.de17a.com
637 B
2 giraff.io
code.th.giraff.io
42 KB
2 googleadservices.com
www.googleadservices.com
15 KB
2 googletagmanager.com
www.googletagmanager.com
78 KB
1 nr-data.net
bam.nr-data.net
275 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 rfihub.com
p.rfihub.com
779 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 crwdcntrl.net
id.crwdcntrl.net
903 B
1 id5-sync.com
id5-sync.com
532 B
1 google.nl
adservice.google.nl
853 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 loopme.me
csync.loopme.me
212 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 u1sf.com
api.u1sf.com
401 B
1 izooto.com
cdn.izooto.com
1 KB
1 truehits.in.th
lvs2.truehits.in.th
3 KB
1 agencecw.com
60d59a636ee0c.agencecw.com
2 KB
417 79
Domain Requested by
98 s.isanook.com www.sanook.com
s.isanook.com
27 simage2.pubmatic.com 2 redirects ads.pubmatic.com
www.sanook.com
21 dsum-sec.casalemedia.com 8 redirects ssum-sec.casalemedia.com
um2.eqads.com
21 cm.g.doubleclick.net 17 redirects eu-u.openx.net
15 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
60d59a636ee0c.agencecw.com
securepubads.g.doubleclick.net
14 ib.adnxs.com 2 redirects www.sanook.com
acdn.adnxs.com
12 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
12 us-u.openx.net 4 redirects eu-u.openx.net
12 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
11 match.adsrvr.org 2 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
9 image2.pubmatic.com ads.pubmatic.com
www.sanook.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
8 c1.adform.net 7 redirects ads.pubmatic.com
8 bidder.criteo.com www.sanook.com
static.criteo.net
7 t.pubmatic.com www.sanook.com
7 pixel.quantserve.com 6 redirects ssum-sec.casalemedia.com
7 sync.mathtag.com 7 redirects
7 hbopenbid.pubmatic.com www.sanook.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
www.googletagservices.com
6 match.prod.bidr.io 6 redirects
6 www.facebook.com www.sanook.com
connect.facebook.net
www.facebook.com
6 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
5 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
5 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 loadm.exelator.com 2 redirects www.sanook.com
4 uipglob.semasio.net 2 redirects www.sanook.com
4 visitor.fiftyt.com 4 redirects
4 pm.w55c.net 4 redirects
4 pixel.tapad.com 2 redirects ads.pubmatic.com
4 acdn.adnxs.com ads.pubmatic.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 rtb-eu.andbeyond.media www.sanook.com
4 as.innity.com www.sanook.com
4 a.teads.tv www.sanook.com
4 htlb.casalemedia.com www.sanook.com
4 tencentth-d.openx.net www.sanook.com
4 adservice.google.com securepubads.g.doubleclick.net
4 www.google.com 1 redirects www.sanook.com
tpc.googlesyndication.com
4 connect.facebook.net www.sanook.com
connect.facebook.net
s.isanook.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 simage4.pubmatic.com ads.pubmatic.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
3 x.bidswitch.net 3 redirects
3 ups.analytics.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 bh.contextweb.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 adservice.google.de securepubads.g.doubleclick.net
3 avd.innity.com avd.innity.net
www.sanook.com
3 avd.innity.net p3.isanook.com
avd.innity.net
60d59a636ee0c.agencecw.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 gum.criteo.com 1 redirects static.criteo.net
3 sal.isanook.com www.sanook.com
60d59a636ee0c.agencecw.com
3 static.criteo.net www.sanook.com
2 getimage-member.sanook.com www.sanook.com
2 sync.ipredictive.com 2 redirects
2 rtb.gumgum.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.playground.xyz 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 mwzeom.zeotap.com www.sanook.com
ads.pubmatic.com
2 aud.pubmatic.com www.sanook.com
2 match.bnmla.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 match.taboola.com ads.pubmatic.com
2 trc.taboola.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
2 green.erne.co 2 redirects
2 sync.1rx.io 2 redirects
2 graph.sanook.com s.isanook.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 nep.advangelists.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 code.th.giraff.io s.isanook.com
www.sanook.com
2 www.google.de www.sanook.com
2 mug.criteo.com www.sanook.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 www.googletagmanager.com 60d59a636ee0c.agencecw.com
www.sanook.com
1 notification.sanook.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 p4.isanook.com www.sanook.com
1 p.rfihub.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 api.u1sf.com s.isanook.com
1 graph.facebook.com s.isanook.com
1 appx.sanook.com s.isanook.com
1 cdn.izooto.com s.isanook.com
1 lvs2.truehits.in.th www.sanook.com
1 www.sanook.com 60d59a636ee0c.agencecw.com
1 60d59a636ee0c.agencecw.com
417 118

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.google.nl
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-21 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 66 frames:

Primary Page: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Frame ID: E570446C751DC71009774BA42D761C95
Requests: 4 HTTP requests in this frame

Frame: https://www.sanook.com/news/8357734/
Frame ID: 23A790B1754B91D96F1AB0F599FA4B88
Requests: 217 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: B9D053988B48D17F09B9D9A66D7DC5B8
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 8593DAE140C00D7CA585FCBBC49C2955
Requests: 2 HTTP requests in this frame

Frame: https://f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D8257556A91E155830532DC993CD392B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D9CCC8F799FD445477CCF0A75E84CCF0
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E4F70F80CFBDF132F3D874ADE751D7B0
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 96BB9038C8D52E3F2BC6C84C5EABC440
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjxgxTu4v9sq-w9DGjbmIsuEtL_qviIwszAh6AQbx7X1tl-JwN0obd8G_OVnpWNQPqUfr2DwZ6XmkTLdDuEnzSMCtBYZEd60VtorLfYr6JxPKvkpNoNdvEBh366NaXII4qlDl2Lrx9ihLBSF94fBzFNfxkL98HT0TDg9nzKvyKQr-0mEVxE6k9suNW4ZLMctIv8YxWzKqrn2n9IGLi95TwmTqCMnKpQBSVgjWT4YPc015kowEU8fq-YWuZ8O8p8PaV7UVxntjjdNvAXtfyX4RzF56xFm1_a9V27uSnH7w006SFEBGZM6qlxHQWDE6Rfl9bWW6haNLywyMRj70NiVcDtTh7&sig=Cg0ArKJSzFPaZlZG_fbeEAE&urlfix=1&adurl=
Frame ID: 9B3A6832C79395815A697C93E9AFC45B
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Frame ID: 9EE0445297704F33DA6FA2EB3F9F67A6
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
Frame ID: A157888E56D73D390BC042613A51C11C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
Frame ID: 861CC9E2E17CE5F7E4BA245F4FD9EBEC
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9721F61B76524C7A04533EFE7323455A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
Frame ID: 7B111831E75074C252C7FF161125D161
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAu807BqzcAADptZcDdcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: C61B032B1BABDF6B67993F216E7D99B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 010DC49FA6E13B958A1C10E8779F2D0C
Requests: 1 HTTP requests in this frame

Frame: https://bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 66E9DD9843C4B3FA49076E3A9B869868
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSQ_lg-W15ugITOE4R8Oe5MyroyTd-wdLdEZwH2k1td0q5AYLbLDCOAmzeoFeIMJvSUGzS-d_GxoXrTgIqWsrUvkaCyVrJjRtSnl0Kco7ZXa0hTieKEXIByPmGjfdQv2PtAepJzNA4emcgxLLdrxyO6SVdvESeM9EPU71IHDdaf_orwOGe1cWKYU4vntS-Hj3Vss76pilZDYp41ZYaLgmIeZgfSfd3gdsZSKuqh-fyN3sW3bdCl496HxJTvhIFmpc0I6ZlFQqloIWf2vfLPr1uSnP-8poB7q6OdiWD6QECivlZPmeeOggjtDB6&sig=Cg0ArKJSzF8fLPE17ua3EAE&urlfix=1&adurl=
Frame ID: 4A45EB769CE60294C17E9B97692C5811
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 76667211B468A26F27116FE21F264BFF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C644D7F1E1D71DD5E8A91A02C9286A6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 18F964F53547588918BE4F76CAB860D9
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: BEFCD85BAB29F4925AD2DD5628FDECC3
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: EC547DE6C9E91E1CFE2DEEF6CA567A42
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 39F6056118756E8EC4A070E8F041FB1F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 90BCFC7E91B52BFECE02E0E2F4A4575D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: B1222CE3B1CA1FB2D5F1C6CD2FD9676B
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C33E2159C7D9BB602B08366BB81C8138
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 686B3EA91EC2F35877CF1E5D072AB94E
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F2653705976C9B15FA4D24E5CD827964
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Frame ID: 5E4B207E64A4E9D41ADFFBC951506B71
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 042A90581D6E60D1DF05289A30A3106E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BB5E3D01F16D5BA8ADE4F7A9C280C45D
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E6C0C6FAE1542C7C9BE5AB551804B36C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 25EFB4F72A1474289C586F152A0C0C4F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F42DB772ED8F29062A698021390E46AA
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7EFE06445F5C36A2E4E205BA1767AA58
Requests: 10 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 446A5498C8FB60B2BF02A2A97560C893
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 09BC68F1F03C8DE4FF146FE1B6177FF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 1BD933EC0DF0025F5F975F08E63661ED
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Frame ID: 3F150A6EA60FC4498192C0975B1830BF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EADBAF7A8F636930A511B57DD47EB10F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B56ACF3DF99DBD3FE6F338B3FF67B10A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
Frame ID: 13A5B6B156A02F6958045793197B8C1A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 7BB7020B3E213384EC9D2477F1B3677D
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: A1CC121DA821A24F90328816C448021E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 7FD0B91A68C12F3F333271DB5DB510E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Frame ID: 5C4F1580C008610C78AC4B88D171A43A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
Frame ID: 93FCCB5A4A032A9A550AB9DFA11092C2
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 0AD2E04E8136A474E2FEB7FF3ABB0F5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
Frame ID: 02F1FEF99B1E8C565A49917AA9EF8E4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: EB9D4CB8F3C010E7D2918DCCD9E3CFF6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D27F1701C2299B19FCA46C46AF992FB7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Frame ID: 09983ED5C4530800E3354DFFDF5CF7A8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EC08C30F11A5065BF966395A42010878
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 631A4945D0920AFD5891A0C4D6A16C2C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
Frame ID: B90E72E9074024957F5F23E5B1655614
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 90ADBE626C7E99CDB0D7ED6CCF4C53FF
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 1130CD411F897E91C5826AF049208883
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: D9B7C60446C7C756D5BC701E42D37883
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Frame ID: 2D1561BC2E9CD5C6B944ABEC15BD31D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
Frame ID: DEA856BF1024FD5D34C92F4AA8D4612F
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5A4BF681A8402A1FA3A51462296DFF16
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE
Frame ID: B0D9CAE9A0E19D55D54BB939D7E9139A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=60d59a636ee0c.agencecw.com
Frame ID: EFE67583812F69E69AAC1A5FA8BD730E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 721C4673D7837F2D1FA255147EE59C58
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C4F84A24FB30D6E06143AD1401FD14A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

417
Requests

99 %
HTTPS

29 %
IPv6

79
Domains

118
Subdomains

86
IPs

12
Countries

3715 kB
Transfer

11487 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_uJ573xoQkpuWWhxVnk5U2RNd2xKMVlzNktERDdlMTU0THBaKytWZFFoaWlWUFdhZGhHSFArNGRidzFoM29GZlBVZ2tlQmh6RzlUZ1RuckRUMkUxVVlFOWJjcXcwcmlZUVVHVEVPYWtrbFBuNGh2MEpJMWtIVFRxVDNFS09JUUJsVVFtcXVlcUwzVERta0ZUS2tLZDFEb01NbHRHZlEyV25aUnBmZTJkL0NmN3VORDJqd0Rub3ZjYlpiR3NIWE9tazBtTk1xdHBnTU5yYllVRktvaCt1SlRWSGpVVDQwKzM2Q2YwSWtkLzNpK2wyZWZqeFpHLzluSkM4ZEoyZjhKOGY3NzRJfA&cppv=2
Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oZvVYJPXI-aS7_UP386giA0&sscte=1&crd=&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpWg5niOVzJ6iVqjc4n5wgdSzyaPHJpZc0E HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oZvVYJPXI-aS7_UP386giA0&cid=CAQSKQCNIrLMKMcmFRdge8pcX5RTve8w_wKurJ6h-7LSPe25KgcbiiXJaIUJ&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpVMFZgQfQhRUfQdOTvf74Y3rrvzNbbViqM&random=3205044131&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oZvVYJPXI-aS7_UP386giA0&cid=CAQSKQCNIrLMKMcmFRdge8pcX5RTve8w_wKurJ6h-7LSPe25KgcbiiXJaIUJ&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpVMFZgQfQhRUfQdOTvf74Y3rrvzNbbViqM&random=3205044131&resp=GooglemKTybQhCsO&ipr=y
Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F
Request Chain 177
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
Request Chain 178
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
Request Chain 180
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
Request Chain 181
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTFpFN0JxemNBQURjWWZWeFBnUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTFpFN0JxemNBQURjWWZWeFBnUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAu807BqzcAADptZcDdcw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAu807BqzcAADptZcDdcw&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAu807BqzcAADptZcDdcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 182
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zkzgRoXoSFy0SzxYe8L9ow%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 184
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=71f960d5-9ba4-4800-bea2-07db6e1a76be
Request Chain 185
  • https://pixel.onaudience.com/?partner=214&mapped=CE4CE046-85E8-485C-B44B-3C587BC2FDA3 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=25574db5612130065a05e126c820e96f
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0U0Q0UwNDYtODVFOC00ODVDLUI0NEItM0M1ODdCQzJGREEz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ760JdiiPHDkVvt9CJEI6c&google_cver=1
Request Chain 189
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5740926643490249143
Request Chain 190
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&gdpr=0&gdpr_consent=
Request Chain 191
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fb5b0c82-715d-4fe6-b7b5-186d138f2242
Request Chain 192
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4702087275764383235&gdpr=0&gdpr_consent=
Request Chain 194
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7c8BpYtE2uXyJS_0dBm3vDIocGDO.l0-~A&gdpr=0&gdpr_consent=
Request Chain 195
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YNWbpAACJqxRsgA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWbpAACJqxRsgA4&gdpr=0&gdpr_consent=&_test=YNWbpAACJqxRsgA4
Request Chain 197
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=3b35d6dc-a553-48e1-9835-fa7db0318442 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=3b35d6dc-a553-48e1-9835-fa7db0318442 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=58c1a386-48e2-4113-82c2-6e3f0eb94471&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b35d6dc-a553-48e1-9835-fa7db0318442&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 198
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810120156450293986&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 199
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:331b6fd5-28a2-4300-8530-f9876f416d43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 251
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1624611748176 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=4702087275764383235&type=cookie&itmcb=1624611748176
Request Chain 253
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=12bb60d5-9ba4-4000-bf5b-2b1519d676f7
Request Chain 254
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Request Chain 255
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5ca560d5-9ba4-4c00-9c4a-368e43eb7e07
Request Chain 260
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f36860d5-9ba5-4000-8315-2a0710adbe5e
Request Chain 266
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Request Chain 267
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9a1960d5-9ba5-4f00-a18d-e2768a2ff9e9
Request Chain 272
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Request Chain 273
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Request Chain 280
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 283
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 284
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 285
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&dcc=t
Request Chain 287
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpIDwM1S00ZfX.6QDuQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Request Chain 291
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0725fac-d97e-4dbd-b3c0-4576de304a0b
Request Chain 292
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624698148&gdpr=1
Request Chain 293
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=7HR5ieMmfI_3ICiN73Mwj-N0f4X3dy2O4iYFTfET
Request Chain 295
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Request Chain 297
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpIDwM1S00ZfX.6QDuQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Request Chain 298
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&dcc=t
Request Chain 299
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 300
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAu807BqzcAADptZcDdcw&expiration=1625821354&gdpr=1
Request Chain 302
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6778981491825175009&uid=Q6778981491825175009&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 304
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpKB1r99PkXyAh6cEFgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Request Chain 307
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&dcc=t
Request Chain 308
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ECDC81D8348148F4AEFC831005A1278D&gdpr=1
Request Chain 310
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-35a6e250-4b2b-4057-8e9b-aeeb23459d35
Request Chain 312
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&dcc=t
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Request Chain 316
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpKB1r99PkXyAh6cEFgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=463260d5-9ba4-4f00-b934-de9e8b6089e9&gdpr=1&gdpr_consent=
Request Chain 319
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819620859833583
Request Chain 345
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 347
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Request Chain 349
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 350
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
Request Chain 352
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 353
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 354
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Request Chain 355
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
Request Chain 357
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
Request Chain 358
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
Request Chain 359
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 361
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 362
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 363
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Request Chain 364
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a0d3d016-1315-423d-90b4-fb9355ec9571
Request Chain 365
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=134be8f8-d594-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Request Chain 366
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
Request Chain 367
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 369
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 370
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 371
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 373
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Request Chain 375
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Request Chain 376
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1974aadf-747a-42cb-bd79-5318d849231f
Request Chain 377
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 378
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
Request Chain 380
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 381
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 382
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Request Chain 383
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=135c3c8c-d594-11eb-ba7f-4d742b07335b&gdpr=0&gdpr_consent=
Request Chain 384
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
Request Chain 386
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE

417 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 414-smwqyelai.html
60d59a636ee0c.agencecw.com/dr2406/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
HTTP/1.1
Server
149.28.140.151 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.140.151.vultr.com
Software
nginx /
Resource Hash
d26dc8e0f543117e511d18da787e445453354869441f45adc469d2b010312427

Request headers

Host
60d59a636ee0c.agencecw.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-116306602-2
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b64d0b859811e9f2ef4fd68541842861ebb3b0694baa0030210bbb5c780b4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://60d59a636ee0c.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36364
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:23 GMT
/
www.sanook.com/news/8357734/ Frame 23A7 		210 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/news/8357734/
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
c4dbc7c38fc0967b356d85f9d27649310a42ef71a56aef86f85a049866df5cac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://60d59a636ee0c.agencecw.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://60d59a636ee0c.agencecw.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:24 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
HIT
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
exp_readpage_desktop_notset
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116306602-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://60d59a636ee0c.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5438
date
Fri, 25 Jun 2021 07:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 09:31:45 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1019252789&t=pageview&_s=1&dl=http%3A%2F%2F60d59a636ee0c.agencecw.com%2Fdr2406%2F414-smwqyelai.html&ul=en-us&de=UTF-8&dt=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1875266731&gjid=1908695877&cid=746963070.1624611743&tid=UA-116306602-2&_gid=183493957.1624611743&_r=1&gtm=2ou6n0&z=174054194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://60d59a636ee0c.agencecw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://60d59a636ee0c.agencecw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.4af493dc.chunk.css
s.isanook.com/sr/0/_next/static/css/ Frame 23A7 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.4af493dc.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
35704
server
Lego Server
age
0
etag
W/"60d3ff34-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
15674048256588542734
accept-ranges
bytes
content-length
7314
expires
Sat, 24 Jul 2021 04:25:29 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ Frame 23A7 		1 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 12:29:41 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
177223869875183476
accept-ranges
bytes
content-length
550
expires
Fri, 09 Jul 2021 12:29:41 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 23A7 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 26 Jun 2021 09:02:25 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ Frame 23A7 		375 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6897818673966280313
accept-ranges
bytes
content-length
266
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ Frame 23A7 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
"4d5107cb-2b"
content-type
image/gif
x-nws-log-uuid
4561162789776513103
accept-ranges
bytes
content-length
43
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 23A7 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9b432db8bfed4434ed2682bd0a4e16e01c8193f670a8de52fc5284f32cd9df90

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 02:06:12 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2691358925051854014
accept-ranges
bytes
content-length
63349
expires
Mon, 19 Jul 2021 02:06:12 GMT
s-regional.png
s.isanook.com/ns/0/uc/1/6213/ Frame 23A7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/uc/1/6213/s-regional.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ff3cb347449e2b4f63248f760ab9245d33bf3c84fa0492b477a9109736677b66

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 04:10:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 12 Dec 2019 06:44:29 GMT
server
Lego Server
age
0
etag
"5df1e1cd-ccb"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10502805519291267613
accept-ranges
bytes
content-length
3275
expires
Sun, 18 Jul 2021 04:10:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTUuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 23A7 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ddf9964d79fd304f55f0253cb9c7f2def776ff9fe5c47d91cb9ea1f3c9aeedb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:41:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16161945189288574407
accept-ranges
bytes
content-length
58097
expires
Sun, 18 Jul 2021 16:41:36 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTQuanBn.jpg
s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/ Frame 23A7 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/r/w728/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY3MS84MzU3NzM0L3NfXzc0ODc2MTQuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fbdc27db510ab0461c8e635479fbd6408d40104c5ecbac79b3154b4db5596f97

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:41:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5895930035842141851
accept-ranges
bytes
content-length
81520
expires
Sun, 18 Jul 2021 16:41:36 GMT
covid19-banner2.png
s.isanook.com/sr/0/images/event-banner/2020/covid19/ Frame 23A7 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/event-banner/2020/covid19/covid19-banner2.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31384c40690287283e6448a7c83fc24cb1c39917a5a07c6a8c1c211e0f6400b6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 13:02:48 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:05 GMT
server
Lego Server
age
0
etag
"60c98555-57eb"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10842214249218176023
accept-ranges
bytes
content-length
22507
expires
Fri, 16 Jul 2021 13:02:48 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMjcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMTIuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 23A7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMjcwL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoMTIuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
feb5d4ffbb0918d3533b174265720e1a1beeb2c456ecc6c29635540a9b30923b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 06:12:11 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2937979918215474428
accept-ranges
bytes
content-length
16401
expires
Fri, 23 Jul 2021 06:12:11 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwODU0L2xvc3QuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 23A7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwODU0L2xvc3QuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
44eb0ac8bcd9b192518b53eaad09c84e4c0f1f674c7c4bfac85db1a546ea3997

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 11:35:21 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6894919931645548866
accept-ranges
bytes
content-length
11313
expires
Thu, 22 Jul 2021 11:35:21 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwOTk4L2dvbGQuanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 23A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwOTk4L2dvbGQuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0801c6f675417d682c3909e0ed2a9bd69f47a4f1c9f1e2eb02719f9a6f4e2d21

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:40:44 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4424873177378380283
accept-ranges
bytes
content-length
12260
expires
Thu, 22 Jul 2021 15:40:44 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMDAyL2NtLWxwLWV4cGxvZGVzLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 23A7 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAxMDAyL2NtLWxwLWV4cGxvZGVzLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
da489dcc3cf9cb444da375b154b709dc4bbc4134719f8c0c496f9a7effd59a4b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:41:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2790781146566874426
accept-ranges
bytes
content-length
25511
expires
Thu, 22 Jul 2021 15:41:13 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwMDM0L3NvbGFyLmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/ Frame 23A7 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h197/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY4MC84NDAwMDM0L3NvbGFyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
11e04bf0bddbdb5544b6d570c7cfb466a8b91931f25032d7fa4ccd3b180d99ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Jun 2021 07:36:01 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16737223352099854043
accept-ranges
bytes
content-length
20532
expires
Wed, 21 Jul 2021 07:36:01 GMT
entry.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 23A7 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/entry.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bcd44db972bcd70526a04c7459652d82e65c6aee369ec728143be6053667d57a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-e37e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10573375590765412401
accept-ranges
bytes
content-length
12927
expires
Sat, 24 Jul 2021 05:02:18 GMT
_app.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/ Frame 23A7 		329 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e6701152297ff536bf907a6566cace758ec7dc842dad945a8a6b56ae0e7d6a3d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:19 GMT
server
Lego Server
age
0
etag
W/"60d40e57-525c7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11849465774022123107
accept-ranges
bytes
content-length
72524
expires
Sat, 24 Jul 2021 05:02:18 GMT
4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14823827425400161367
accept-ranges
bytes
content-length
8443
expires
Sat, 24 Jul 2021 05:02:18 GMT
4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12343982569175237490
accept-ranges
bytes
content-length
5530
expires
Sat, 24 Jul 2021 05:02:18 GMT
c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		887 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bcea6ed2b03d8890a03a4e1bbb57c2237e75af15fff58f56b9ffb5bdfef0ca4e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:50:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-dddd1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5171352780633847175
accept-ranges
bytes
content-length
231688
expires
Sat, 24 Jul 2021 05:50:58 GMT
cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13b0e40192eec4b88d7eb7f14d3b9579febb47b211bd1a0a336a34b3b6c30383

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-31cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10563432510170258639
accept-ranges
bytes
content-length
3794
expires
Sat, 24 Jul 2021 05:02:18 GMT
45.2b59ad9dee77e82b3de2.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		288 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/45.2b59ad9dee77e82b3de2.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
785143cb8b94b7496c35f5bb2dd6dc7fd7ead6b1abe88379eaf2d40542cb857a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-47fda"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5380864334127444826
accept-ranges
bytes
content-length
63179
expires
Sat, 24 Jul 2021 05:02:18 GMT
webpack-d5c9dfd90ff5a41796bb.js
s.isanook.com/sr/0/_next/static/runtime/ Frame 23A7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f1f031acac4bb260679ca40ced78634aca191a4b7afd0ddaa4a1c108324c3749

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60d40e57-19f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6898892071166729938
accept-ranges
bytes
content-length
2948
expires
Sat, 24 Jul 2021 05:02:18 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:50:58 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
139444
server
Lego Server
age
80250
etag
W/"60c9853e-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
15404749309958457142
accept-ranges
bytes
content-length
44575
expires
Fri, 16 Jul 2021 08:50:58 GMT
3e73cab0a5995742bc81198d6fa3dd73e45fe44f.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3e73cab0a5995742bc81198d6fa3dd73e45fe44f.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2472752024283178440
accept-ranges
bytes
content-length
2469
expires
Sat, 24 Jul 2021 05:02:18 GMT
4f979d79030e16e7d6bf322f16e2f112703e22b9.3b72f283b635eb4eacd3.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4f979d79030e16e7d6bf322f16e2f112703e22b9.3b72f283b635eb4eacd3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2203335018721018973
accept-ranges
bytes
content-length
2559
expires
Sat, 24 Jul 2021 05:02:18 GMT
ce01e3e9f624d98567b3e71b67bbded70e4c64bf.f848520e63915f6f252c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ce01e3e9f624d98567b3e71b67bbded70e4c64bf.f848520e63915f6f252c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11370986509217905010
accept-ranges
bytes
content-length
4839
expires
Sat, 24 Jul 2021 05:02:18 GMT
8750a08f0d4ebb74088edc9e7844f0c072730000.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8750a08f0d4ebb74088edc9e7844f0c072730000.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17290534535717655273
accept-ranges
bytes
content-length
18431
expires
Sat, 24 Jul 2021 05:02:18 GMT
020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		150 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2565e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4042758640186153172
accept-ranges
bytes
content-length
47008
expires
Sat, 24 Jul 2021 05:02:18 GMT
ddadccd2333fc79290d41c406d37cb847fa367b0.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ddadccd2333fc79290d41c406d37cb847fa367b0.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7765341636116075463
accept-ranges
bytes
content-length
14572
expires
Sat, 24 Jul 2021 05:02:18 GMT
47699be2e4d418e3e492b5757642b6c2e49aa1d0.af027d836b2282fda407.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/47699be2e4d418e3e492b5757642b6c2e49aa1d0.af027d836b2282fda407.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-9da8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14775978350394012507
accept-ranges
bytes
content-length
12714
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dbd6cfa95614762cde1d76cbf5153a5138ea291.2ecb9e18e02fabaac6c7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dbd6cfa95614762cde1d76cbf5153a5138ea291.2ecb9e18e02fabaac6c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-f905"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17834936413313719465
accept-ranges
bytes
content-length
19637
expires
Sat, 24 Jul 2021 05:02:18 GMT
e0ed27ea0e574000c9c2318a9529e3b9840af08b.382fdcde5dce3d9a8309.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e0ed27ea0e574000c9c2318a9529e3b9840af08b.382fdcde5dce3d9a8309.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
664186e51f08ee452a19dc92c51b65fe47486c738197bc5f4d6b415e37be0183

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-49e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18285167161812793917
accept-ranges
bytes
content-length
6105
expires
Sat, 24 Jul 2021 05:02:18 GMT
0742e903ef85e35372201cd594e2f86bf0d7241d.31a6257376141e7ef180.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0742e903ef85e35372201cd594e2f86bf0d7241d.31a6257376141e7ef180.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1c540bf66da12459e01db47dfa07ab5426068b2a30a9d02b0ea9b19e8d68e740

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4152049085431329615
accept-ranges
bytes
content-length
6857
expires
Sat, 24 Jul 2021 05:02:18 GMT
0620bbd55e5ab0e73e47a8c1f4769b7a22c8881a.7ece5cd0dfbe31ce1998.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0620bbd55e5ab0e73e47a8c1f4769b7a22c8881a.7ece5cd0dfbe31ce1998.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f01cd6902463d93f2fdecedf90ee4bdbabd4c41603604ee9db65a9087894301b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1140520790895299357
accept-ranges
bytes
content-length
3452
expires
Sat, 24 Jul 2021 05:02:18 GMT
3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		284 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
58c9b88f5e2cee331d43bac233cc73741a34044f7907a94f9aa7c2325713ef7d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-46fb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5736602540805432638
accept-ranges
bytes
content-length
56469
expires
Sat, 24 Jul 2021 05:02:18 GMT
8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-776e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8794154710669465748
accept-ranges
bytes
content-length
7416
expires
Sat, 24 Jul 2021 05:02:18 GMT
styles.e56987f829e6da55bdfa.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		107 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.e56987f829e6da55bdfa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 07:31:21 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 22 Jan 2021 03:01:20 GMT
server
Lego Server
age
0
etag
"600a4000-6b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6799674031249927577
accept-ranges
bytes
content-length
107
expires
Sat, 17 Jul 2021 07:31:21 GMT
main-792137066069f4bd9ec1.js
s.isanook.com/sr/0/_next/static/runtime/ Frame 23A7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cd6038c5672792bce93856c78068a09d1f7162f06ec43c7e0675f91c9a6130df

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13391
server
Lego Server
age
0
etag
W/"60d3ff34-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2458746191449732722
accept-ranges
bytes
content-length
4910
expires
Sat, 24 Jul 2021 04:25:29 GMT
9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		251 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cd61d37309df288e285bc59d1c9ec3fc4507ff265b33687d6c445cf10c63642a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3731127124610176554
accept-ranges
bytes
content-length
26021
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3513768060482070389
accept-ranges
bytes
content-length
5447
expires
Sat, 24 Jul 2021 05:02:18 GMT
0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a4f13295a972f241e42e7c7d4c287c890a03b15d6d5e502dbc37496f165adaeb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:48:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60d40e56-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2662049516159155082
accept-ranges
bytes
content-length
4588
expires
Sat, 24 Jul 2021 05:48:24 GMT
2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13351280834573016213
accept-ranges
bytes
content-length
3936
expires
Sat, 24 Jul 2021 05:02:18 GMT
dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		212 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:42:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
217498
server
Lego Server
age
0
etag
W/"60d40e56-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5401045498694247020
accept-ranges
bytes
content-length
46209
expires
Sat, 24 Jul 2021 05:42:01 GMT
05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9476530662682798004
accept-ranges
bytes
content-length
3643
expires
Sat, 24 Jul 2021 05:02:18 GMT
8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11711490428028640486
accept-ranges
bytes
content-length
2691
expires
Sat, 24 Jul 2021 05:02:18 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/ Frame 23A7 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a72de38880d82bc98ab7aecee4d7398a16b468b92f50e946a33c897a5e39b0c4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1980"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10810599453111666999
accept-ranges
bytes
content-length
1855
expires
Sat, 24 Jul 2021 05:02:18 GMT
oppa.js
p3.isanook.com/sh/0/js/ Frame 23A7 		537 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
etag
"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10940896815676024983
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
s.isanook.com/sr/0/js/izooto/ Frame 23A7 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d31f3d46db0cb1cbe85a8028e04fb2e689280f80410523589f193555e3e65552

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 09:31:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
age
3673
ntcoent-length
122756
content-length
38834
last-modified
Fri, 18 Jun 2021 02:22:02 GMT
server
Lego Server
etag
"60cc034a-1df84"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2346798675072794540
accept-ranges
bytes
expires
Thu, 22 Jul 2021 09:31:56 GMT
gtm.js
www.googletagmanager.com/ Frame 23A7 		134 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7bde429421ea59c7dc520f813c5a75dbeef0533fc570d6ff231bb5197694e412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43188
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:25 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ Frame 23A7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.10.52 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:25 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz
Last-Modified
Thu, 17 Jun 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-NWS-LOG-UUID
e63f2470-580d-41af-b1bd-c93bd5fcf338
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2946
Expires
Fri, 02 Jul 2021 09:02:25 GMT
a102.js
sal.isanook.com/js/ Frame 23A7 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
24035
date
Fri, 25 Jun 2021 09:02:26 GMT
content-encoding
gzip
last-modified
Mon, 10 Aug 2020 09:23:14 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10300
expires
Sun, 25 Jul 2021 09:02:26 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 23A7 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24631
x-xss-protection
0
pragma
public
x-fb-debug
o4V394NvHMa3df7Ehf4qWJqP3UcJ83T0/jMhKtTrdD2G11jEBFZJDICia2DD5Ny3AhHEAM2Et4WF+P/Imvv5dA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 25 Jun 2021 09:02:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ Frame 23A7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:31 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:12 GMT
server
Lego Server
age
25652
etag
W/"60c9855c-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
7595768141089656710
accept-ranges
bytes
content-length
5683
expires
Fri, 16 Jul 2021 08:52:31 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ Frame 23A7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 07:19:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 14:46:49 GMT
server
Lego Server
age
0
etag
W/"60d49ad9-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12353201676090287565
accept-ranges
bytes
content-length
4410
expires
Sun, 25 Jul 2021 07:19:51 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ Frame 23A7 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:52:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 04:59:49 GMT
server
Lego Server
age
186930
etag
"60c98545-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17850934870379086542
accept-ranges
bytes
content-length
34924
expires
Fri, 16 Jul 2021 08:52:28 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ Frame 23A7 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 05:29:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:50 GMT
server
Lego Server
age
172369
etag
"60cc033e-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
13302049380882107611
accept-ranges
bytes
content-length
31376
expires
Tue, 20 Jul 2021 05:29:13 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ Frame 23A7 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 18:58:37 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:50 GMT
server
Lego Server
age
142952
etag
"60cc033e-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14244812028296516811
accept-ranges
bytes
content-length
32244
expires
Thu, 22 Jul 2021 18:58:37 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ Frame 23A7 		2 MB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:13:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1896b8-5c44bd063c1a9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=167087
accept-ranges
bytes
content-type
text/javascript
content-length
198970
expires
Sun, 27 Jun 2021 07:27:12 GMT
1489944661112333
connect.facebook.net/signals/config/ Frame 23A7 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84e997d846f0b228470dd7db80106fee6ccb015c7d915d16cac9deb5cf5f15d5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75660
x-xss-protection
0
pragma
public
x-fb-debug
Uw2VkE0pdr0QsVoMtqdE/bvXThLyRKk3Tajz8t65skukSCiY4ya4+Qy4Fnr3pZqXfLhdnyi4NMrzxOqQyOl+3w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Jun 2021 09:02:25 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 23A7 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4937
date
Fri, 25 Jun 2021 07:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 25 Jun 2021 09:40:08 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 23A7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
server
cafe
etag
1690124483490796579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 09:02:25 GMT
/
www.facebook.com/tr/ Frame 23A7 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&rl=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&if=true&ts=1624611745425&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&it=1624611745380&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 25 Jun 2021 09:02:25 GMT
js
www.google-analytics.com/gtm/ Frame 23A7 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=843376716.1624611745
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e357e741203fb8376c567175134ceb9fa35c31ab57ae2b3d0a57d4772d89220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37012
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ Frame 23A7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1624611745521&cv=9&fst=1624611745521&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f33134e888b871345712eb616f83f8f4d39185d83763cbf138092de76b5f20e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ Frame 23A7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1624611745525&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
fd05ff0d5eba5b9fa545f227b33fcec1962503972fc3f7e0f87e4b3fde7a41ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1395
date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 23A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=_uJ573xoQkpuWWhxVnk5U2RNd2xKMVlzNktERDdlMTU0THBaKytWZFFoaWlWUFdhZGhHSFArNGRidzFoM29GZlBVZ2tlQmh6RzlUZ1RuckRUMkUxVVlFOWJjcXcwcmlZUVVHVEVPYWtrbFBuNGh2MEpJMWtIVFRxVDNFS0...
345 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_uJ573xoQkpuWWhxVnk5U2RNd2xKMVlzNktERDdlMTU0THBaKytWZFFoaWlWUFdhZGhHSFArNGRidzFoM29GZlBVZ2tlQmh6RzlUZ1RuckRUMkUxVVlFOWJjcXcwcmlZUVVHVEVPYWtrbFBuNGh2MEpJMWtIVFRxVDNFS09JUUJsVVFtcXVlcUwzVERta0ZUS2tLZDFEb01NbHRHZlEyV25aUnBmZTJkL0NmN3VORDJqd0Rub3ZjYlpiR3NIWE9tazBtTk1xdHBnTU5yYllVRktvaCt1SlRWSGpVVDQwKzM2Q2YwSWtkLzNpK2wyZWZqeFpHLzluSkM4ZEoyZjhKOGY3NzRJfA&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e0577f5cc699d096d77bd1c782f45261337c8fec4bd080639530650e12785da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 25 Jun 2021 09:02:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2326
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 25 Jun 2021 09:02:25 GMT
location
https://mug.criteo.com/sid?cpp=_uJ573xoQkpuWWhxVnk5U2RNd2xKMVlzNktERDdlMTU0THBaKytWZFFoaWlWUFdhZGhHSFArNGRidzFoM29GZlBVZ2tlQmh6RzlUZ1RuckRUMkUxVVlFOWJjcXcwcmlZUVVHVEVPYWtrbFBuNGh2MEpJMWtIVFRxVDNFS09JUUJsVVFtcXVlcUwzVERta0ZUS2tLZDFEb01NbHRHZlEyV25aUnBmZTJkL0NmN3VORDJqd0Rub3ZjYlpiR3NIWE9tazBtTk1xdHBnTU5yYllVRktvaCt1SlRWSGpVVDQwKzM2Q2YwSWtkLzNpK2wyZWZqeFpHLzluSkM4ZEoyZjhKOGY3NzRJfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1760
content-length
509
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame 23A7 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d00eb57cae504dd662f2c938bb454085ab0a357b4fbd032ca54a6e9579825df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"912 / 939 of 1000 / last-modified: 1624572544"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23739
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:25 GMT
/
www.google.com/pagead/1p-user-list/408516141/ Frame 23A7 		42 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1624611745521&cv=9&fst=1624611600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&async=1&fmt=3&is_vtc=1&random=4084484591&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ Frame 23A7 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1624611745521&cv=9&fst=1624611600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&async=1&fmt=3&is_vtc=1&random=4084484591&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/ Frame 23A7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=25050...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=160...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oZvVYJPXI-aS7_UP386giA0&cid=CAQSKQCNIrLMKMcmFRdge8pcX5RTve8w_wKurJ6h-7LSPe25KgcbiiXJaIUJ&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpVMFZgQfQhRUfQdOTvf74Y3rrvzNbbViqM&random=3205044131&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=764263744&cv=9&fst=1624611745525&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&tiba=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=oZvVYJPXI-aS7_UP386giA0&cid=CAQSKQCNIrLMKMcmFRdge8pcX5RTve8w_wKurJ6h-7LSPe25KgcbiiXJaIUJ&eitems=ChEI8P3VhgYQ3re-lI63gNvjARIdAJJTRpVMFZgQfQhRUfQdOTvf74Y3rrvzNbbViqM&random=3205044131&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021062205.js
securepubads.g.doubleclick.net/gpt/ Frame 23A7 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:13:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116215
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:25 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_uJ573xoQkpuWWhxVnk5U2RNd2xKMVlzNktERDdlMTU0THBaKytWZFFoaWlWUFdhZGhHSFArNGRidzFoM29GZlBVZ2tlQmh6RzlUZ1RuckRUMkUxVVlFOWJjcXcwcmlZUVVHVEVPYWtrbFBuNGh2MEpJMWtIVFRxVDNFS09JUUJsVVFtcXVlcUwzVERta0ZUS2tLZDFEb01NbHRHZlEyV25aUnBmZTJkL0NmN3VORDJqd0Rub3ZjYlpiR3NIWE9tazBtTk1xdHBnTU5yYllVRktvaCt1SlRWSGpVVDQwKzM2Q2YwSWtkLzNpK2wyZWZqeFpHLzluSkM4ZEoyZjhKOGY3NzRJfA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
834
date
Fri, 25 Jun 2021 09:02:25 GMT
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ Frame 23A7 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryii61p17hlALAQnqf

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 25 Jun 2021 09:02:25 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
beacon.js
sb.scorecardresearch.com/ Frame 23A7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:57:58 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
268
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
k1edn3EezKiAEkN1VNWLcjoiEboKzb1Cx_ZvWibXv_kLaSS9idqyNQ==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ Frame 23A7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.76.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-76-50.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1839544
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Fri, 16 Jul 2021 16:01:30 GMT
b2
sb.scorecardresearch.com/ Frame 23A7
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:26 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
-xHsyew2j8SyPTMaqRF3gJJa6E9h9bS5-Vgmdq7kci88NRr8g-SWLQ==

Redirect headers

date
Fri, 25 Jun 2021 09:02:26 GMT
via
1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1624611746130&ns_c=UTF-8&ns_if=1&cv=3.5&c8=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&c7=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&c9=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F
content-length
978
x-amz-cf-id
_DdjOrO66TW1b3IpRlzU9VRc_-j9SxWBODc0Kz2NFhefpD2H9k0scA==
dc.js
avd.innity.net/lib/ Frame 23A7 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.76.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-76-50.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1829497
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6442
Expires
Fri, 16 Jul 2021 13:14:03 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ Frame 23A7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.76.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-76-50.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1771051
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Thu, 15 Jul 2021 20:59:57 GMT
/
avd.innity.com/dc/cb/ Frame 23A7 		59 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
bd84d7808fbcb4e80da17a349a90c3833d5b280413aee004b70e9b4dfc6b3260

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
77
Expires
Wed, 04 Aug 1985 12:59:00 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame B9D0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.izooto.com
:scheme
https
:path
/scripts/sak/iz_setcid.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

date
Fri, 25 Jun 2021 09:02:26 GMT
content-type
text/html; charset=UTF-8
last-modified
Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection
1; mode=block
cf-cache-status
HIT
age
129482
expires
Mon, 26 Jul 2021 09:02:26 GMT
cache-control
public, max-age=2678400
cf-request-id
0ae4010aec0000323cd933a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
664d0457da54323c-FRA
content-encoding
br
c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/ Frame 23A7 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/c8f7fe3b0e41be846d5687592cf2018ff6e22687.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 03:23:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7115
server
Lego Server
age
25900
etag
W/"60d31b7a-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
1693374421655122349
accept-ranges
bytes
content-length
1665
expires
Sat, 24 Jul 2021 03:23:28 GMT
d65816b2.94c409eda074d64b8cba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d65816b2.94c409eda074d64b8cba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
14f06f756f4875d5b442a5d0420ffbea7e6fdad87b02304d460fb9b82f87adac

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 01:04:03 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 04 Jun 2021 06:09:33 GMT
server
Lego Server
age
0
etag
W/"60b9c39d-109b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
14045464546331024089
accept-ranges
bytes
content-length
22708
expires
Sat, 17 Jul 2021 01:04:03 GMT
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		376 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 06:56:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Jun 2021 02:21:46 GMT
server
Lego Server
age
1
etag
W/"60cc033a-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
4703438655759942630
accept-ranges
bytes
content-length
108222
expires
Thu, 22 Jul 2021 06:56:47 GMT
a7e7d9dd.55546d0227557c116e7d.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		276 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.55546d0227557c116e7d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 05:27:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 04 Jun 2021 04:56:31 GMT
server
Lego Server
age
0
etag
W/"60b9b27f-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14077377035171901657
accept-ranges
bytes
content-length
68517
expires
Sun, 18 Jul 2021 05:27:01 GMT
JooxPlayer.3ca5368302a2b09a4445.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.3ca5368302a2b09a4445.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
34249dfa77ab32bd7186413cca8cd9ab6f8a4380a70ca430239a5e8621a27953

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 03:42:44 GMT
server
Lego Server
age
16
etag
W/"60d3ff34-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11387784158176967212
accept-ranges
bytes
content-length
90369
expires
Sat, 24 Jul 2021 04:25:30 GMT
30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.bd6fdb00664cc180299c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		411 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/30cd56ec8b4292fd1d19f6bfd4b67b1689d06305.bd6fdb00664cc180299c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4675e01e3e468eea89ea62ddb668821c8fc9848d0abe5d2078ddb95ab45d638c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
420519
server
Lego Server
age
0
etag
W/"60d3ff34-66aa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16225001697151682298
accept-ranges
bytes
content-length
110828
expires
Sat, 24 Jul 2021 04:25:30 GMT
50.9605fcfae5d1a697ac9f.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/50.9605fcfae5d1a697ac9f.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
526d1b11c53bff7776c18ae3e260c072c0ad424084a337290914af5ac0facc1f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
1446
server
Lego Server
age
0
etag
W/"60d3ff34-5a6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7163765555626762278
accept-ranges
bytes
content-length
662
expires
Sat, 24 Jul 2021 04:25:30 GMT
128.f858d814d24f4f8c70c2.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/128.f858d814d24f4f8c70c2.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f6fd0df45e5f312d62a1a3577dc328cfd9b9965789e5696be957de878af76b3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:43:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
12694
server
Lego Server
age
51970
etag
"60d40e56-3196"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13461463519359022302
accept-ranges
bytes
content-length
2532
expires
Sat, 24 Jul 2021 05:43:14 GMT
set
appx.sanook.com/counter/ Frame 23A7 		44 B
114 B 		Script
General
Check archive.org
Download Go to
Full URL
https://appx.sanook.com/counter/set?site_name=news&entry_id=8357734&t=1624611747839&callback=jsonp_1624611747094_17493
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.93.197 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-197.static.asianet.co.th
Software
nginx /
Resource Hash
d03cb8ca4a83d93849ca6e62a45d14914d796fae092a88f2043a468b9a27df9c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
server
nginx
content-type
application/javascript
responsive-voice-1.0.3.min.js
s.isanook.com/sr/0/js/voice/ Frame 23A7 		90 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 22:10:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:13 GMT
server
Lego Server
age
0
etag
W/"60c9855d-16928"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5293793033737835556
accept-ranges
bytes
content-length
23390
expires
Fri, 16 Jul 2021 22:10:06 GMT
/
graph.facebook.com/ Frame 23A7 		202 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004037114
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
148
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
YvO1RvaNeZKB49SU+FQbQZYET1/BvbDNm4c7CXAVmTfvGuX6OhjN6aNBz+jPIW1AfqZ7cs6rti18Gk1YZT2Yfg==
x-fb-trace-id
CAC3Fnidz5H
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AdBKpn7n6uk1TBNjCmR4c3l
cache-control
no-store
facebook-api-version
v3.3
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame 23A7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.6db4a8ec5e94a78e2b5c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb1b82d375fd2dc57cd886ddbe12dff0c5327b4f9eaffd7d6743596c5f6e41e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EUz6+OMHSvubbnlQq+SWMg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
wG4py33sKCXSEjfhPxyKDN67/RDY/6KBahoAByS1gY85Li4/e6uGNE2Uv5a9SEWHDxPzs7XGQNCslK2uHMvJbA==
x-fb-trip-id
686109401
x-fb-content-md5
bc8ec88b3fbda0aab65d4279992d3715
x-frame-options
DENY
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ed3514a140b4324f39db787499205e8f"
timing-allow-origin
*
expires
Fri, 25 Jun 2021 09:15:17 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 8593 		236 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Fri, 25 Jun 2021 09:02:21 GMT
x-page-speed
1.13.35.2-0
cache-control
no-cache, max-age=0
age
5
accept-ranges
bytes
server
Lego Server
x-cache-lookup
Cache Miss Hit From Inner Cluster
content-encoding
gzip
content-length
192
x-nws-log-uuid
10761425088071170926
/
api.u1sf.com/geoip2/code/ Frame 23A7 		154 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1624611747109_6141
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8c841b5e89ba7853a03b841e97a13b9c5fb9326c.db1b049ee320c7a7c3f9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.198 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-198.static.asianet.co.th
Software
/
Resource Hash
e3cff8676d519b035664f8abac49aeb916098c81bc392b9fd6c728933120ed1d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Fri, 25 Jun 2021 09:02:28 GMT
Age
0
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
154
138.209602ae3c302346a3ce.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/138.209602ae3c302346a3ce.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ffa970c77ba7493f0566a17443539f56200a2bd93781acf82ec0b77cb106e19e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 03:42:44 GMT
server
Lego Server
age
30
etag
W/"60d3ff34-12a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
161033788308223060
accept-ranges
bytes
content-length
1773
expires
Sat, 24 Jul 2021 04:25:30 GMT
48.8c3e0aeee3641a466352.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/48.8c3e0aeee3641a466352.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-d5c9dfd90ff5a41796bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9f022d21dbd014c80281cb2ad63c5d9590299cdec9e178955cdda4a91bf7adb2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 04:25:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11176
server
Lego Server
age
0
etag
W/"60d3ff34-2ba8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1674092314924322587
accept-ranges
bytes
content-length
1753
expires
Sat, 24 Jul 2021 04:25:31 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ Frame 23A7 		142 B
360 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13538431
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:07:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10304636557297333711
accept-ranges
bytes
content-length
142
expires
Sun, 25 Jul 2021 08:07:36 GMT
cdb
bidder.criteo.com/ Frame 23A7 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=87709104883
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ Frame 23A7 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=96667273706
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ Frame 23A7 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=53119248828
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 23A7 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=51528168089
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
abbreviationv2.min.json
s.isanook.com/sr/0/textToSpeech/ Frame 23A7 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/textToSpeech/abbreviationv2.min.json?t=25062021
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 13:01:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:10:02 GMT
server
Lego Server
age
0
etag
"60c30c4a-38e8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17573351319109293159
accept-ranges
bytes
content-length
2550
expires
Thu, 15 Jul 2021 13:01:42 GMT
widget-sanookcom-news.js
code.th.giraff.io/data/ Frame 23A7 		203 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.th.giraff.io/data/widget-sanookcom-news.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/020cd5d262709bc287d6bc66b74b8155d61ed021.e4725ddb2c84cda01172.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3f7e7a2f6a5550346242522fc341b2baa4d93b28a8b7d3b435df2b760e11fa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Jun 2021 12:15:16 GMT
server
cloudflare
age
51
etag
W/"60cb3cd4-32c63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
cf-ray
664d045bdb134a68-FRA
cf-request-id
0ae4010d6900004a6838ae7000000001
expires
Fri, 25 Jun 2021 09:02:36 GMT
c
sal.isanook.com/sa/ Frame 23A7 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=1509119271&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&dr=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&dp=%2Fnews%2F8357734%2F&ul=en-us&de=UTF-8&dt=%E0%B8%AB%E0%B8%99%E0%B8%B8%E0%B9%88%E0%B8%A1%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B8%A2%E0%B8%87%E0%B9%83%E0%B8%AB%E0%B8%A1%E0%B9%88%20%E0%B8%8B%E0%B8%B4%E0%B9%88%E0%B8%87%E0%B8%A1%E0%B8%AD%E0%B9%80%E0%B8%95%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%84%E0%B8%8B%E0%B8%84%E0%B9%8C%E0%B8%8A%E0%B8%99%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%96%E0%B9%80%E0%B8%81%E0%B9%8B%E0%B8%87%20%E0%B8%A3%E0%B9%88%E0%B8%B2%E0%B8%87%E0%B8%A5%E0%B8%AD%E0%B8%A2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B9%81%E0%B8%97%E0%B8%81%E0%B8%9E%E0%B8%B7%E0%B9%89%E0%B8%99%E0%B8%94%E0%B8%B1%E0%B8%9A%20%E0%B8%A3%E0%B8%96%E0%B8%9E%E0%B8%B1%E0%B8%87%E0%B9%80%E0%B8%A5%E0%B8%B0%E0%B8%88%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%A3%E0%B8%B9%E0%B9%89%E0%B8%A2%E0%B8%B5%E0%B9%88%E0%B8%AB%E0%B9%89%E0%B8%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=undefined&tid=SA-8147095-6&cd4=0&cd8=b&z=1177845997
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
server
nginx
content-type
image/gif
cache-control
no-cache, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
35
expires
Thu, 01 Jan 1970 00:00:01 GMT
category.js
s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 23A7 		0
153 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/common/category.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-a6859"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12246369354503084641
accept-ranges
bytes
content-length
156095
expires
Sat, 24 Jul 2021 05:02:22 GMT
9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/9d437c69cc20c37e37652aec42e1300ea80190be.1d9b70f85cfb1b702a70.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5881719193650887437
accept-ranges
bytes
content-length
26021
expires
Sat, 24 Jul 2021 05:02:18 GMT
4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4dc270ed147e56e8fbb687252342c66dcf3c4331.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13291767781520587462
accept-ranges
bytes
content-length
5447
expires
Sat, 24 Jul 2021 05:02:18 GMT
0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0c9b7899ce57ea28ea43c3b3c3f219012b490045.70fd9ee40d6fa0cf0e38.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:48:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60d40e56-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4947979347650423359
accept-ranges
bytes
content-length
4588
expires
Sat, 24 Jul 2021 05:48:24 GMT
2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2eaa13c4dc5b4d6bdb99ea87ad4a8cd0eb4e8607.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
885929706480765464
accept-ranges
bytes
content-length
3936
expires
Sat, 24 Jul 2021 05:02:18 GMT
dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dbc8007f4f3356f5e8569aebba90592d5137d62f.901184d07d2ed5be15bd.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:42:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
217498
server
Lego Server
age
0
etag
W/"60d40e56-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1055915302145790481
accept-ranges
bytes
content-length
46209
expires
Sat, 24 Jul 2021 05:42:01 GMT
05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/05cac3a6926197d22062b4c7446ac14202f6c842.6fe0d2db4ad1278b3e1b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16499476469902870020
accept-ranges
bytes
content-length
3643
expires
Sat, 24 Jul 2021 05:02:18 GMT
4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4781b2a8b3928b072d145d1cf2b976331d469d25.373763efdd431ed68264.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:17 GMT
server
Lego Server
age
0
etag
W/"60d40e55-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16421566625962663452
accept-ranges
bytes
content-length
8443
expires
Sat, 24 Jul 2021 05:02:18 GMT
8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8b8a847e507f4ab3d008b81197223fdebbfda0db.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16108628372920514318
accept-ranges
bytes
content-length
2691
expires
Sat, 24 Jul 2021 05:02:18 GMT
4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4909abdef241a9aae5745838bd7e67d0d2f37d3d.99c2898dcbff2a789c9c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17841468280921570253
accept-ranges
bytes
content-length
5530
expires
Sat, 24 Jul 2021 05:02:18 GMT
21f9507b8238fefee9dcfcab7523ee34f0f5da20.4529e8cca0c5a421c4f0.js
s.isanook.com/sr/0/_next/static/chunks/ Frame 23A7 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/21f9507b8238fefee9dcfcab7523ee34f0f5da20.4529e8cca0c5a421c4f0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-3540"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15160525365145284335
accept-ranges
bytes
content-length
3450
expires
Sat, 24 Jul 2021 05:02:22 GMT
category.js.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/static/qOvL723Ats_7yRx7dAtrd/pages/common/ Frame 23A7 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/static/qOvL723Ats_7yRx7dAtrd/pages/common/category.js.b1d1731c.chunk.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-792137066069f4bd9ec1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:02:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:18 GMT
server
Lego Server
age
0
etag
W/"60d40e56-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16860521223220197273
accept-ranges
bytes
content-length
1707
expires
Sat, 24 Jul 2021 05:02:22 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sdk.js
connect.facebook.net/en_US/ Frame 23A7 		251 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e69a3bfa41382501c8f8c7f38ce4861d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3785a4240ab5f25b058e4f35b0e8cf9734533ef8a13652bd2e86158f89a9c9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Al7gHjkwY3DJ0mTKL8MWxg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75745
x-fb-rlafr
0
x-fb-debug
EPc0P0bTr4pwe+eTpIITPuHP8B9QFgMeANbSvsekNcwPIp/7IdwHKov+GzvaJqvZbgPrJ3bFbKoxoTzNNyjo+g==
x-fb-content-md5
74ae5da97005197131f1fec6374121d6
x-frame-options
DENY
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"96c35b7e258fde60ede43d8f8d57e8ec"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Jun 2022 08:31:34 GMT
integrator.js
adservice.google.de/adsid/ Frame 23A7 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 23A7 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		378 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=1842868076471596&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cinviewadrequest&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C640x360&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611747&dt=1624611747222&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1200&adys=1400&adks=1367402687&ucis=1nq8r6eciihh&ifi=1&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=400x-1&msz=400x-1&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=768&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
989071c13646fa049dd59ef2e0d0f402634df81ebc7a8f716de7dd73462bd045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D825 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 25 Jun 2021 09:02:27 GMT
expires
Sat, 25 Jun 2022 09:02:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=2149965819261423&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611747&dt=1624611747231&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2513669353&ucis=kjw65eemflnd&ifi=2&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=384&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
336a8070cf861168333e57513361ed3e9024afcf90817af10085a829eb1fd610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4078
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame D9CC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76053
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame E4F7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76053
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 96BB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=76053
expires
Sat, 26 Jun 2021 06:10:00 GMT
date
Fri, 25 Jun 2021 09:02:27 GMT
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		376 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=3433321113552301&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cinviewarticle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=640x480%7C300x250%7C640x360%7C336x280%7C320x480&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611747&dt=1624611747258&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=299&adys=2171&adks=3907713653&ucis=myg4twqhmk1a&ifi=3&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
4a26b581c8ec99e60bc585188b8cdcd333b5f425a4a3cfd7a2bed68d3251f733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 23A7 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
61265bfbc4981194febb25fce76c56e2b02bc96c07525aef930ef8ceb92d55ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
57ad69f4-2b3d-4c59-b2da-9b00ddead1bd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
tencentth-d.openx.net/w/1.0/ Frame 23A7 		172 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c76cf738-40cc-4dc9-9e61-1c6dfe038b39&nocache=1624611747270&aus=300x250%2C320x50%2C257x240%2C300x125&divIds=rgpt-reca-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
7ee369291548a549b30c7cdd09a1c1f9654635d81f03d41cf2d64f43a868238d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 23A7 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219c31b9a3995df8%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222058a7c667510b6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2221d1cae694edee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2222ac12964affe47%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2223af1edfa58d237%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e7e1c88ee94b3ac2a8a1dff5f63f8ae1cd52c1745668a2acdebbaa070aa2ddad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[193.228.193.51], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 09:02:27 GMT
bid-request
a.teads.tv/hb/ Frame 23A7 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 09:02:27 GMT
/
as.innity.com/synd/ Frame 23A7 		896 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611747274&ver=2&hb=1&output=js&pub=413&zone=64696&url=http%253A%252F%252F60d59a636ee0c.agencecw.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=27a29069e78e906&auction=2d1948ce-06af-4b9b-b742-e3f24cee0db5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
67b98323ad232bcdd9e50cb2ca6fe789af69eafce5787a7660fa81e242b26851

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
493
Expires
Sat, 03 Sep 1983 02:00:00 GMT
hb
rtb-eu.andbeyond.media/ Frame 23A7 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ Frame 23A7 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 23A7 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 20 Jun 2022 09:02:27 GMT
pixel.gif
static.criteo.net/images/ Frame 23A7 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 20 Jun 2022 09:02:27 GMT
/
as.innity.com/synd/ Frame 23A7 		895 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611747279&ver=2&hb=1&output=js&pub=413&zone=64738&url=http%253A%252F%252F60d59a636ee0c.agencecw.com%252F&width=728&height=90&vpw=1600&vph=1200&callback=json&callback_uid=3104bee7ac3bb35&auction=b22f3ce5-6d1d-4db8-8edd-1c39988d6fa7
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
e4db55b5e08e951509dc2e04a28eb0755760147fee7c0a64c25ffa40c4b58aeb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
493
Expires
Sat, 03 Sep 1983 02:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 23A7 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575408&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22343924a9205c3cc%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235588dd954a3621%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2236d56279699673b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575408%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f1a9a0a8069f13552a55d28742c308fbb5bc0d9c6cbb14bbfbde3db8c90937e1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[193.228.193.51], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 09:02:27 GMT
bid-request
a.teads.tv/hb/ Frame 23A7 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 09:02:27 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 23A7 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d0db81bef10c1bd6dfdf824a83d1c8df59d0516b6432b72e4906cae06d19be7c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8851ea69-98a7-46f2-8748-0305f9cb398f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
rtb-eu.andbeyond.media/ Frame 23A7 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136924&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
arj
tencentth-d.openx.net/w/1.0/ Frame 23A7 		172 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0ff9226e-41a7-4d73-9e5a-3b1d0b851dff&nocache=1624611747283&aus=728x90%2C468x60&divIds=rgpt-leaderboard-3&auid=542511416
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
5261c0c748c658074b12b3e815a2f8cab76482187eb94e7c1ebe729aadbf5981

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
bidder.criteo.com/csm/ Frame 23A7 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:27 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cygnus
htlb.casalemedia.com/ Frame 23A7 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224530166311fdedb%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224686705587e0678%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224736e103010edd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%224838538311851ba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2fb0eb4fb4e2af148ba08a8d7a68c9e860d302095cd9362cb2547f8b3e5b7363

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[193.228.193.51], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 09:02:27 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ Frame 23A7 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 09:02:27 GMT
arj
tencentth-d.openx.net/w/1.0/ Frame 23A7 		171 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=068a983d-b0d2-47a6-9cd9-90f5e6064646&nocache=1624611747289&aus=1130x250%2C1090x250%2C970x250&divIds=rgpt-billboard-7&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
741de590e929ede7f7ffba2c9c8c8e3bb7522d051be5d2c848fcd5a183ddf52a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
rtb-eu.andbeyond.media/ Frame 23A7 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
/
as.innity.com/synd/ Frame 23A7 		860 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611747290&ver=2&hb=1&output=js&pub=413&zone=68097&url=http%253A%252F%252F60d59a636ee0c.agencecw.com%252F&width=1130&height=250&vpw=1600&vph=1200&callback=json&callback_uid=586e2be3df306b9&auction=b920f3aa-c43a-4816-a1b1-24b56e6d66f8
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
85da8c886bc1ff2a66901be9ef82b013d0ea8f6ee7aee239e9a461d7497f3eac

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
462
Expires
Sat, 03 Sep 1983 02:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 23A7 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0e07310d9d72a6cb6d6f617265bb02f64a2e8654bfc3be2ef8bff14d857d14a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
87c44515-09ea-498c-ad37-d3edd5221dda
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
bidder.criteo.com/csm/ Frame 23A7 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
as.innity.com/synd/ Frame 23A7 		896 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1624611747297&ver=2&hb=1&output=js&pub=413&zone=64717&url=http%253A%252F%252F60d59a636ee0c.agencecw.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=62c4f85d03b2773&auction=c48a30e9-a282-4422-8e87-aead792d28e8
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.129.240.178 Jakarta, Indonesia, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
e889b6ae46bcd208ef3e1e531f4ca3a8b9d12989569481e0dceb060d3adbb3f1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
495
Expires
Sat, 03 Sep 1983 02:00:00 GMT
arj
tencentth-d.openx.net/w/1.0/ Frame 23A7 		172 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=8aa1c867-9c96-409f-8dc4-cbbd91ecf96a&nocache=1624611747297&aus=300x250%2C300x600%2C160x600%2C120x600%2C240x400&divIds=rgpt-tower-5&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
30448c4cd66ce6f5a37f2ca7be41a547448ea55a7a0b5ea05fa42ca7805d147c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
server
OXGW/16.209.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ Frame 23A7 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 25 Jun 2021 09:02:27 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 23A7 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2694784fa31a20a4ff5973cebc0f90a1e39098cfc20939f527a69b076f5e3cca
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a6de89e2-b42a-4763-aaba-594388f049ce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 23A7 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226990757da3165a7%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%2C%22page%22%3A%22http%3A%2F%2F60d59a636ee0c.agencecw.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227071c21cc77ba3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2271d0f30662882f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2272cf5f6edcdc49a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2273a3ee6f7884104%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22748d6163c3a0a82%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22240x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
362786beb43df23611ff62de50a360e54b28dbcc4a458b53b68317e4169a945f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[193.228.193.51], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 25 Jun 2021 09:02:27 GMT
translator
hbopenbid.pubmatic.com/ Frame 23A7 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/ Frame 23A7 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ Frame 23A7 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Fri, 25 Jun 2021 09:02:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
advert.gif
code.th.giraff.io/data/ Frame 23A7 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.th.giraff.io/data/advert.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
cf-cache-status
HIT
age
34
content-length
43
cf-request-id
0ae4010dea00004a68ff0ab000000001
last-modified
Wed, 19 May 2021 11:32:03 GMT
server
cloudflare
etag
"60a4f733-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
664d045cadcf4a68-FRA
expires
Fri, 25 Jun 2021 09:02:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9B3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjxgxTu4v9sq-w9DGjbmIsuEtL_qviIwszAh6AQbx7X1tl-JwN0obd8G_OVnpWNQPqUfr2DwZ6XmkTLdDuEnzSMCtBYZEd60VtorLfYr6JxPKvkpNoNdvEBh366NaXII4qlDl2Lrx9ihLBSF94fBzFNfxkL98HT0TDg9nzKvyKQr-0mEVxE6k9suNW4ZLMctIv8YxWzKqrn2n9IGLi95TwmTqCMnKpQBSVgjWT4YPc015kowEU8fq-YWuZ8O8p8PaV7UVxntjjdNvAXtfyX4RzF56xFm1_a9V27uSnH7w006SFEBGZM6qlxHQWDE6Rfl9bWW6haNLywyMRj70NiVcDtTh7&sig=Cg0ArKJSzFPaZlZG_fbeEAE&urlfix=1&adurl=
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Jun 2021 09:02:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9B3A 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
5a08dd560af21b52e2ac0d2cbcf510db05beeb31d59b25321143217f556b15cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"912 / 802 of 1000 / last-modified: 1624572544"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23740
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B3A 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 23A7 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
like.php
www.facebook.com/v2.9/plugins/ Frame 9EE0 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e69a3bfa41382501c8f8c7f38ce4861d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
728b25bfa042c79ed4388ef2a2695829eba53016f642ec5cb5d5ec567f9fe066
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v3.3
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
YgS38TuOGrv3S4Xp7CM/DG8sNLHVbkoq0LHVdZY6cR5LiCYUx166fuaCeC01JiZcL/phIowCDWCFW6L7JFflqw==
date
Fri, 25 Jun 2021 09:02:27 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
PugMaster
image6.pubmatic.com/AdServer/ Frame D9CC 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32025384&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
588cc8c63d4b88632f4842cadfd416416fc371874763b62d94defacae2c08dd2

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubads_impl_2021062205.js
securepubads.g.doubleclick.net/gpt/ Frame 9B3A 		326 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:13:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116215
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
match
c1.adform.net/serving/cookie/ Frame A157
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:27 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=3587085013363903173; expires=Tue, 24 Aug 2021 09:02:27 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 09:02:27 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 25 Jul 2021 09:02:27 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 861C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; chkChromeAb67Sec=1; DPSync3=1625788800%3A201_197_219%7C1624665600%3A174; SyncRTB3=1625184000%3A2_223_15%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1625788800%3A234_220_56_71_22_7_54_166_13_3_8_81_21_161
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5338605195965394625; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:26 GMT; path=/ PugT=1624611746; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:26 GMT; path=/
x-lat
amspug001:0:370
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5338605195965394625
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 9721 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 25 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1232
date
Fri, 25 Jun 2021 09:02:26 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7B11
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
42 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; chkChromeAb67Sec=1; DPSync3=1625788800%3A201_197_219%7C1624665600%3A174; SyncRTB3=1625184000%3A2_223_15%7C1625443200%3A63%7C1625875200%3A35%7C1627171200%3A203%7C1625788800%3A234_220_56_71_22_7_54_166_13_3_8_81_21_161; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; PugT=1624611746
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6977654322079660172; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:27 GMT; path=/ PugT=1624611747; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:27 GMT; path=/
x-lat
lhrpug007:0:560
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:27 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6977654322079660172; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6977654322079660172
redir
rtb-csync.smartadserver.com/ Frame C61B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTFpFN0JxemNBQURjWWZWeFBnUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBTFpFN0JxemNBQURjWWZWeFBnUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAu807BqzcAADptZcDdcw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAu807BqzcAADptZcDdcw&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAu807BqzcAADptZcDdcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAu807BqzcAADptZcDdcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:35 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Fri, 25 Jun 2021 09:02:35 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAu807BqzcAADptZcDdcw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 010D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_188=3189-no-consent; PUBMDCID=3; KRTBCOOKIE_107=1471-uid:OMXLgx8M1LWHJn5; PugT=1624611753
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:34 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug016:2:226
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=ae131bc2-97b2-4da1-9339-53bf2a7e2b0e; path=/; domain=csync.loopme.me; Expires=Sun, 25-Jul-2021 09:02:34 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Fri, 25 Jun 2021 09:02:34 GMT
server
_
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D9CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zkzgRoXoSFy0SzxYe8L9ow%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:34 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=71244
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sat, 26 Jun 2021 04:49:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=71f960d5-9ba4-4800-bea2-07db6e1a76be
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=71f960d5-9ba4-4800-bea2-07db6e1a76be
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=71f960d5-9ba4-4800-bea2-07db6e1a76be
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:31 GMT
/
pixel.onaudience.com/ Frame D9CC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=25574db5612130065a05e126c820e96f
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=25574db5612130065a05e126c820e96f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3181477.ip-146-59-148.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Fri, 25 Jun 2021 09:02:35 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=25574db5612130065a05e126c820e96f
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0U0Q0UwNDYtODVFOC00ODVDLUI0NEItM0M1ODdCQzJGREEz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:34 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:346
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ760JdiiPHDkVvt9CJEI6c&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ760JdiiPHDkVvt9CJEI6c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:281
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ760JdiiPHDkVvt9CJEI6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D9CC 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 24 Jun 2021 09:02:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5740926643490249143
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5740926643490249143
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:695
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5740926643490249143
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&gdpr=0&gdpr_consent=
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:29 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:450
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fb5b0c82-715d-4fe6-b7b5-186d138f2242
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fb5b0c82-715d-4fe6-b7b5-186d138f2242
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:2702
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fb5b0c82-715d-4fe6-b7b5-186d138f2242
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4702087275764383235&gdpr=0&gdpr_consent=
42 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4702087275764383235&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:456
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:27 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
30ca2530-9888-4fa2-9fc8-cf1cb54d654b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4702087275764383235&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CE4CE046-85E8-485C-B44B-3C587BC2FDA3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D9CC 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CE4CE046-85E8-485C-B44B-3C587BC2FDA3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7c8BpYtE2uXyJS_0dBm3vDIocGDO.l0-~A&gdpr=0&gdpr_consent=
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7c8BpYtE2uXyJS_0dBm3vDIocGDO.l0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7c8BpYtE2uXyJS_0dBm3vDIocGDO.l0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl
42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:26 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:497
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWbpAACJqxRsgA4&gdpr=0&gdpr_consent=&_test=YNWbpAACJqxRsgA4
1 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWbpAACJqxRsgA4&gdpr=0&gdpr_consent=&_test=YNWbpAACJqxRsgA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:544
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1624611748.107222,VS0,VE0
x-served-by
cache-fra19127-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YNWbpAACJqxRsgA4&gdpr=0&gdpr_consent=&_test=YNWbpAACJqxRsgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=3b35d6dc-a553-48e1-9835-fa7db0318442
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=3b35d6dc-a553-48e1-9835-fa7db0318442
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=58c1a386-48e2-4113-82c2-6e3f0eb94471&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b35d6dc-a553-48e1-9835-fa7db0318442&gdpr=&gdpr_consent=&gdpr_pd=
1 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b35d6dc-a553-48e1-9835-fa7db0318442&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:29 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:498
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b35d6dc-a553-48e1-9835-fa7db0318442&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 25 Jun 2021 09:02:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810120156450293986&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810120156450293986&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:461
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2810120156450293986&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 25 Jun 2021 09:02:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D9CC
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:331b6fd5-28a2-4300-8530-f9876f416d43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:331b6fd5-28a2-4300-8530-f9876f416d43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:331b6fd5-28a2-4300-8530-f9876f416d43&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame D9CC 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
6370e56d-de14-4dd5-969a-0190972a041f
https://www.sanook.com/ Frame 23A7 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/6370e56d-de14-4dd5-969a-0190972a041f
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
integrator.js
adservice.google.nl/adsid/ Frame 9B3A 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9B3A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9B3A 		418 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2633301580554160&correlator=78023720669560&output=ldjh&impl=fif&eid=31061018%2C31061661&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611747&dt=1624611747528&dlt=1624611747320&idt=202&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=ggazwx8v8fnl&ifi=1&ifk=24158578&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1756177537.1624611748&ga_sid=1624611748&ga_hid=1977814148&ga_fc=false&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
1d767acd2407e797634484041c000f8a5b1e351e1a3600c0417556dfa7d42088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22633
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 25 Jun 2021 09:02:27 GMT
expires
Sat, 25 Jun 2022 09:02:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 8593 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2966427924946596069
accept-ranges
bytes
content-length
2483
view
securepubads.g.doubleclick.net/pcs/ Frame 9B3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4-YbwuVI6J15ZsnwHdXuVyXS5fREW0FYIRyySJhG7AzGDZLqT1EHmwtVPauyGx9Fq1Re5gfi6y4MHI_6tgXn6KtW6Em8xbiqTkqaCwCe1_ilFX041N-uU9lihb9EED01LOkRioqI5MaylQzw7w6VLIDAQVCobEj6TmGLPPLf7OfjmN94-kz61Y5s_WZ2ET6-sfbMEtnfBEgMWsIVgM1EXUx11Gff4InJFzZugWGkddBmVQ8m2SVzMVMXPeZ-GmgeCQOCLwIQPUIZuw2QFq7dMqJX1_25j7I3vJxJtw0Uvn-eSO5Ganr4-X4fOXDZmWulo_dQMgyJEHeDWrPzIuLOa4fX1N1c&sig=Cg0ArKJSzA-CWokHieS9EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Jun 2021 09:02:27 GMT
617.json
id5-sync.com/g/v2/ Frame 23A7 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p13.id5-sync.com
Software
/
Resource Hash
9c5a5d2d877843e5e94d777a7ad35d0892b88914c5faab8f563d5b7605809660
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Fri, 25 Jun 2021 09:02:27 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 23A7 		154 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f2d94e76a104b552574a0090853139b9c64321740b4da17cc30938cccafd0e3d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.21.156
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 23A7 		109 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
e432b66935ad0ce548868c0768ab8cd609ecff5b6017f484301196d2a6f57101

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 25 Jul 2021 09:02:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4A45 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSQ_lg-W15ugITOE4R8Oe5MyroyTd-wdLdEZwH2k1td0q5AYLbLDCOAmzeoFeIMJvSUGzS-d_GxoXrTgIqWsrUvkaCyVrJjRtSnl0Kco7ZXa0hTieKEXIByPmGjfdQv2PtAepJzNA4emcgxLLdrxyO6SVdvESeM9EPU71IHDdaf_orwOGe1cWKYU4vntS-Hj3Vss76pilZDYp41ZYaLgmIeZgfSfd3gdsZSKuqh-fyN3sW3bdCl496HxJTvhIFmpc0I6ZlFQqloIWf2vfLPr1uSnP-8poB7q6OdiWD6QECivlZPmeeOggjtDB6&sig=Cg0ArKJSzF8fLPE17ua3EAE&urlfix=1&adurl=
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 4A45 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jun 2022 08:21:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A45 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469964731542"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38558
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9B3A 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624469958711216"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9B3A 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062205&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93e3f8018cecf054a8c0a2db1e0987f5dc53cb73ac5cf046051a198880c87649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8571
x-xss-protection
0
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1NC84MjczNTM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoNDguanBn.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ Frame 23A7 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1NC84MjczNTM0L3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAoNDguanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac1716468e92e7f66d6720acf96132e7ff1f1d5d45517a1ff4527e96ee3186bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 23:06:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
126042434090461134
accept-ranges
bytes
content-length
18845
expires
Tue, 20 Jul 2021 23:06:59 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1Ni84MjgyNjAyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/ Frame 23A7 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w350h210/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY1Ni84MjgyNjAyL3Nhbm9va190aHVtYm5haWxfMTIwMHg3MjAtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
653a4e12d09d03b72922721183af52159f5942cdafdcfb10998a9b155943a203

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 23:06:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8085153222729045036
accept-ranges
bytes
content-length
19736
expires
Tue, 20 Jul 2021 23:06:59 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY2OC84MzQ0MDQyL21vbTguanBn.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 23A7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTY2OC84MzQ0MDQyL21vbTguanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a4148beda0bd8d0202f20db810aa194a5a8b49bdc430a217d3d14ebcbdea2be0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 06:18:42 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4253549679963981488
accept-ranges
bytes
content-length
12979
expires
Sun, 18 Jul 2021 06:18:42 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5MS83OTU4ODE4L3Nhbm9va190aHVtYm5haWxfNzI4eDQzNyg0OSkuanBn.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 23A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5MS83OTU4ODE4L3Nhbm9va190aHVtYm5haWxfNzI4eDQzNyg0OSkuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2036793458cbb7533a464ef19f0232632cac7eaaadb37523c8f181d6b15d100b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 20 Jun 2021 17:37:25 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4518073520880564066
accept-ranges
bytes
content-length
12075
expires
Tue, 20 Jul 2021 17:37:25 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5Ni83OTgyODEwL2FjY2lkZW50LmpwZw==.jpg
s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/ Frame 23A7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/ns/0/rp/rc/w258h155/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL25zLzAvdWQvMTU5Ni83OTgyODEwL2FjY2lkZW50LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0701539536ae365a201af6f56d9395dedb157854942c831daaab161c0373aabe

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 10:05:23 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8794839216078180486
accept-ranges
bytes
content-length
11994
expires
Fri, 23 Jul 2021 10:05:23 GMT
logo-sanook-app02.svg
s.isanook.com/sr/0/images/icon/ Frame 23A7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/logo-sanook-app02.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 14:18:51 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 13:11:33 GMT
server
Lego Server
age
0
etag
W/"60d48485-183b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
16429268304568154591
accept-ranges
bytes
content-length
6203
expires
Sat, 24 Jul 2021 14:18:51 GMT
ico-ios.svg
s.isanook.com/sr/0/images/icon/ Frame 23A7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-ios.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:36:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 10:11:18 GMT
server
Lego Server
age
0
etag
W/"60d45a46-b27"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11061201902095891527
accept-ranges
bytes
content-length
2855
expires
Sat, 24 Jul 2021 10:36:33 GMT
ico-android.svg
s.isanook.com/sr/0/images/icon/ Frame 23A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-android.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:05:34 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 16 Jun 2021 04:59:58 GMT
server
Lego Server
age
20170
etag
W/"60c9854e-12a2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
3800832496208448916
accept-ranges
bytes
content-length
4770
expires
Fri, 16 Jul 2021 09:05:34 GMT
speech.gif
s.isanook.com/sr/0/images/icon/ Frame 23A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/speech.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 15:33:22 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60c9854e-60d"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
3454037688401003472
accept-ranges
bytes
content-length
1549
expires
Fri, 16 Jul 2021 15:33:22 GMT
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 9EE0 		400 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
eA1V1rkaGyOaHvtHwObCBxVeQE5AKr6FK3EecdVrnaveHii+qpnjGb2OKSIZ+1jaHdmFg56ROnvYfnraycu1Jw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 15 Jun 2021 06:48:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Wed, 15 Jun 2022 06:48:15 GMT
fg6D1xdVKKo.js
www.facebook.com/rsrc.php/v3iEpO4/yp/l/en_US/ Frame 9EE0 		510 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yp/l/en_US/fg6D1xdVKKo.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c91f2120eec92dac8f5b68e488ce4ba750c005018966b6e21b347bcdb9a9757
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PlBorUMz+uUCFz+Lh+QB2Q==
cross-origin-resource-policy
cross-origin
content-length
136837
x-fb-rlafr
0
x-fb-debug
Cra9a1subFhPpR6ayRfdjJk1mWqJpW+HC1tPiNsAWyuCg9VCUk2zJrcflDHCPT+hjsYN2ay6zSNtSduO5GiYHg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Jun 2022 23:20:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9B3A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4A45 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB26R1kjNAI_n9EfX1o_KhUazTY3pDJUUw2CkfDhB-dCjpAlF2Sj2OR2RiNXfGUSM84dwCc3K7gDjkLzzr0wwOw_t45HI6M4N18vFB8ygyiUtLqaahzP4jy5oXTA_fwnxzelcE66pS2edhhbcBkqmMeBLLyfinUJ3kELP9oal4pQ9PKU5snYVNlyBHIv8luRwpLQx0V2nL-rOw_vw33fq6xpXJLCLa6NEYwPfdTjm0mqo4CMOSgSoSeQAVatyEE7BgnUt4VeZ4UUPzS6HfMWaltqts1CzhXRcmgMyAmUCEUI3BTbJC975Cn4moPsc&sig=Cg0ArKJSzPkqVtPV1L9cEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Jun 2021 09:02:27 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 9EE0 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624611747719&t_start=1624611747719&t_domcontent=1624611747759&t_layout=1624611747821&t_onload=1624611747821&t_paint=1624611747821&t_creport=1624611747821&t_tti=1624611747759&lid=6977654323882136311-0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.9/plugins/like.php?action=like&app_id=1675028022749749&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e30d1a749af48%26domain%3Dwww.sanook.com%26origin%3Dhttps%253A%252F%252Fwww.sanook.com%252Ff20f1429e833e8c%26relation%3Dparent.parent&color_scheme=light&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fsanooknews%2F&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=small&width=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
RGdSepN8ah6s3VoLfrORyD/ygjQaRaTYn6WNYGsdkgjXA5onfdT2SJDKnTDZ89bfrehbPnlTu7EHYW/CgWy/lA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 25 Jun 2021 09:02:27 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7666 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 25 Jun 2021 08:27:10 GMT
expires
Sat, 25 Jun 2022 08:27:10 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2117
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9C64 		783 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0794ae1f67e073425a2e3d531b7e4a1540684e95e86812c661b974c3e261eaf6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ajc9PTI2Ux3ML+yOme69/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Fri, 25 Jun 2021 09:02:27 GMT
date
Fri, 25 Jun 2021 09:02:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Ajc9PTI2Ux3ML+yOme69/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 7666 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 09:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
170481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 09:41:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B3A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062205&jk=2633301580554160&bg=!Z2SlZCDNAAYo4NJEKOA7ACkAdvg8WkxWc5Eo4TH9Fp9Q32Z4hlePRWXHY0-8UDcnlAhfQZIeqKdGaQIAAABYUgAAAAtoAQcKAHULfZvCHlGXjkXgWcN1jRQoRWfZaIkqrV8mJlNQ-kGSdhLNX3s44Vvv7Z40_aEt3LoiQnP2Akx_0M_raAgx29pTQg95syLXzWujJwvlXxS4oXCrKnOy6bzjaOWhXhZIPcbC63AgxDvRTSaJvE_MEkccLNVa6sqZAqcIpTPZC22-5At11LEfHemtXdoK_Q2uqURa-Flj7SF0evjEPCqpdtTU4rCYXBbKDXwou-r2dFea07IVqJEzRlIBXqkrYWMExICXvxhKvlXHEzgyBNmOkeraRcKYtH8JnhwKfjwz13Yd1TmiIlsBfTgdnzlQBI9QonvoLabdTlC9ocgHq00ZIRRHFOsoQPQSAjtd6ZIwMss4KVskK2AcoxPtd46KcVol1q_iEJKLAor4dbBLq0KASzdxrWcA5KbsRSFluXRF8UMeA_43pSdl5iXtz8YI7C0X-8wOIbyvXSddMrUWhs4ac8c7ZnEeSufp9-pxe1eGeQjzvighc1fNckS_2CNEiCbzAoExXjH2w_7iR9PqTdTAeSJWhyTBQ2-7faxH6kcdPe694DliMJbjPzwaRTUY9XfvhKTm6QT8Z-kefqgTtAYvOUexuhjSVic9yZc86GeGqwbNQesLB9YqA8rmQbs7r0QEoz5BfImSDgRsCuDephiMYcCb7i-QwVARFVhbobCOnk-rUP2b_1OQz6H1fNj-QRoznHKq5tg8UcynszF8dAO-GwaS8Ml5GPovH_7VXDPMgBdbpmXnlBjAuRS5iE8BzxsmFAFCqCaBeHkn1itxC568E1efpTQBs95qwDPukYRTEJrjkwxUlcmX8zpg4unvTkbAMylk8nXoA5MBRAaYeuCyBGIuOOid0bzqsxW7hf7vzfdnjNhFH6gw3Wicj5j3NZ3CiqUBCoOzp1ipFrN0cUEXVgZUSNklOgmzsV18htR-qHxRHA61RCgpz5qKMHt0fUKMfXUTvVXNOTuYoAAlJ0hr30jSRSP833A6gR-rZap3t82yMA-KYJbqQfmEwoDMdxTGOh2D0PImIaFsPr789rJciuP4fCMHr1NS8p_dWCYbilsb
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 23A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 23A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		367 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=440350468811385&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C320x50%7C257x240%7C300x125&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611748&dt=1624611748101&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1045&adys=815&adks=3064416212&ucis=8sxqzql6hn6a&ifi=4&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&psts=AGkb-H-BsCiyIXvNaOQUXFwYHVWusl0WZ2AwMXkKnssG_qlXFqtqicdrKj_No2NkcqVIfHdR879gRlEoAA7bum3hN-HWrS4CkCxxPnhyqs4LkEvG6C2C5d7Y5vs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
d65cc53403d6178f09ee41f1f9b1cdbe4022086d4376db094ac65d41e84f1ca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 18F9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame BEFC 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
8f9baacfc21b69f1e4e65f9a93fc0ed623e2bc26b62b8e7e173ad7e4aacb9fa2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747; Version=1; Expires=Sat, 25-Jun-2022 09:02:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611748|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 09:02:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 09:02:28 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame EC54 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
8f9baacfc21b69f1e4e65f9a93fc0ed623e2bc26b62b8e7e173ad7e4aacb9fa2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747; Version=1; Expires=Sat, 25-Jun-2022 09:02:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611748|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 09:02:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 09:02:28 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame 39F6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwo7fWhgY4AUABSAEQo7fWhgYYAA..; uuid2=4702087275764383235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 26 Jun 2021 09:02:30 GMT
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 90BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame B122 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
8f9baacfc21b69f1e4e65f9a93fc0ed623e2bc26b62b8e7e173ad7e4aacb9fa2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747; Version=1; Expires=Sat, 25-Jun-2022 09:02:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611748|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 09:02:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 09:02:28 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame C33E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwo7fWhgY4AUABSAEQo7fWhgYYAA..; uuid2=4702087275764383235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 26 Jun 2021 09:02:30 GMT
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 686B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwo7fWhgY4AUABSAEQo7fWhgYYAA..; uuid2=4702087275764383235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 26 Jun 2021 09:02:30 GMT
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F265 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 5E4B 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
8f9baacfc21b69f1e4e65f9a93fc0ed623e2bc26b62b8e7e173ad7e4aacb9fa2

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=740afe16-4312-0eda-3e75-1c943298d3a1|1624611747; Version=1; Expires=Sat, 25-Jun-2022 09:02:28 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1624611748|gekin0vNiygu; Version=1; Expires=Sat, 10-Jul-2021 09:02:28 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.209.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Jun 2021 09:02:28 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 042A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame BB5E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwo7fWhgY4AUABSAEQo7fWhgYYAA..; uuid2=4702087275764383235
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 26 Jun 2021 09:02:30 GMT
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		372 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=3333038108063078&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611748&dt=1624611748159&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=255&adys=75&adks=4183536285&ucis=nl425lm4e7nw&ifi=5&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=1090x-1&msz=1090x-1&psts=AGkb-H-BsCiyIXvNaOQUXFwYHVWusl0WZ2AwMXkKnssG_qlXFqtqicdrKj_No2NkcqVIfHdR879gRlEoAA7bum3hN-HWrS4CkCxxPnhyqs4LkEvG6C2C5d7Y5vs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=260&ohw=1090
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
eef613ec7ef4624d7bbc3a660a357dd87ccd6473ae0d4fbb2012f0b527fb31ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		373 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=605769274869920&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Cleaderboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C468x60&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611748&dt=1624611748166&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=255&adys=1304&adks=3181699296&ucis=9y6qj81y5xvr&ifi=6&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=728x0&msz=728x0&psts=AGkb-H-BsCiyIXvNaOQUXFwYHVWusl0WZ2AwMXkKnssG_qlXFqtqicdrKj_No2NkcqVIfHdR879gRlEoAA7bum3hN-HWrS4CkCxxPnhyqs4LkEvG6C2C5d7Y5vs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0ed38bf992dd6c9a5b828a9c536d0f973cdda84c249072d8d172b887dacae254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
avd.innity.com/sync/ Frame 23A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1624611748176
  • https://avd.innity.com/sync/?partner=appnexus&token=4702087275764383235&type=cookie&itmcb=1624611748176
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=4702087275764383235&type=cookie&itmcb=1624611748176
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
84e85dce-b014-4355-8f81-bfbb56dcd730
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=4702087275764383235&type=cookie&itmcb=1624611748176
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ Frame 23A7 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=50445b631a92370f7134e3a272372603&type=cookie&itmcb=1624611748176
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Fri, 25 Jun 2021 09:02:28 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BEFC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=12bb60d5-9ba4-4000-bf5b-2b1519d676f7
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=12bb60d5-9ba4-4000-bf5b-2b1519d676f7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=12bb60d5-9ba4-4000-bf5b-2b1519d676f7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:31 GMT
sd
us-u.openx.net/w/1.0/ Frame BEFC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BEFC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BEFC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a7a6c14f-ea95-312d-64a3-d47c56bfe05c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BEFC 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGJjOTEyODUtMjNlMi02Zjg5LTcxNDMtOGVjNTljNWQyZTNj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BEFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
eu-u.openx.net/w/1.0/ Frame B122
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5ca560d5-9ba4-4c00-9c4a-368e43eb7e07
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5ca560d5-9ba4-4c00-9c4a-368e43eb7e07
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5ca560d5-9ba4-4c00-9c4a-368e43eb7e07
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:31 GMT
sd
us-u.openx.net/w/1.0/ Frame B122
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B122
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B122 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a7a6c14f-ea95-312d-64a3-d47c56bfe05c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B122 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGJjOTEyODUtMjNlMi02Zjg5LTcxNDMtOGVjNTljNWQyZTNj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B122
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
eu-u.openx.net/w/1.0/ Frame 5E4B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f36860d5-9ba5-4000-8315-2a0710adbe5e
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f36860d5-9ba5-4000-8315-2a0710adbe5e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 09:02:33 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f36860d5-9ba5-4000-8315-2a0710adbe5e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E4B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5E4B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5E4B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a7a6c14f-ea95-312d-64a3-d47c56bfe05c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5E4B 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGJjOTEyODUtMjNlMi02Zjg5LTcxNDMtOGVjNTljNWQyZTNj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5E4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
eu-u.openx.net/w/1.0/ Frame EC54
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9a1960d5-9ba5-4f00-a18d-e2768a2ff9e9
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9a1960d5-9ba5-4f00-a18d-e2768a2ff9e9
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 25 Jun 2021 09:02:33 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9a1960d5-9ba5-4f00-a18d-e2768a2ff9e9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:32 GMT
sd
us-u.openx.net/w/1.0/ Frame EC54
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=vkgaP7EaHzmlHEs7vU9TObFIHDOlS044sBpLWC-y
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EC54
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5740926643490249143
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EC54 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a7a6c14f-ea95-312d-64a3-d47c56bfe05c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EC54 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGJjOTEyODUtMjNlMi02Zjg5LTcxNDMtOGVjNTljNWQyZTNj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EC54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.209.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEM85jVpxdu9WYbDuwBUDoLo&google_cver=1
date
Fri, 25 Jun 2021 09:02:34 GMT
via
1.1 google
server
OXGW/16.209.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.de/adsid/ Frame 23A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 23A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 23A7 		368 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2792496657349437&correlator=1926940912950061&output=ldjh&impl=fif&eid=21068030%2C31060400%2C31060976&vrg=2021062205&ptt=17&sc=1&sfv=1-0-38&ecs=20210625&iu_parts=4899711%2Cnews.sanook%2Cdesktop%2Cregion%2Creadpage%2Ctower&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600%7C240x400&prev_scp=category%3Dnews%2Cnews-2015%2Cregion%2Csanook-regional%26subcategory%3Dhilight-home%2Chilight-index-local%2Chilight-region%26tags%3D%25E0%25B8%25AD%25E0%25B8%25B8%25E0%25B8%259A%25E0%25B8%25B1%25E0%25B8%2595%25E0%25B8%25B4%25E0%25B9%2580%25E0%25B8%25AB%25E0%25B8%2595%25E0%25B8%25B8%2C%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%25A1%25E0%25B8%25AD%25E0%25B9%2580%25E0%25B8%2595%25E0%25B8%25AD%25E0%25B8%25A3%25E0%25B9%258C%25E0%25B9%2584%25E0%25B8%258B%25E0%25B9%258C%25E0%25B8%258A%25E0%25B8%2599%2C%25E0%25B8%258A%25E0%25B8%2599%25E0%25B8%25A3%25E0%25B8%2596%25E0%25B9%2580%25E0%25B8%2581%25E0%25B9%258B%25E0%25B8%2587%2C%25E0%25B8%2594%25E0%25B8%25B1%25E0%25B8%259A%25E0%25B8%25AA%25E0%25B8%25A5%25E0%25B8%2594%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%2594%25E0%25B9%2588%25E0%25B8%25A7%25E0%25B8%2599%2C%25E0%25B8%2582%25E0%25B9%2588%25E0%25B8%25B2%25E0%25B8%25A7%25E0%25B8%25A7%25E0%25B8%25B1%25E0%25B8%2599%25E0%25B8%2599%25E0%25B8%25B5%25E0%25B9%2589%2C%25E0%25B8%25A0%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B8%25A0%25E0%25B8%25B2%25E0%25B8%2584%26partner%3Dsanook-regional%26entry_id%3D8357734&eri=1&cdm=www.sanook.com&bc=23&abxe=1&lmt=1624611748&dt=1624611748198&dlt=1624611744474&idt=1313&frm=24&biw=-12245933&bih=-12245933&isw=1600&ish=1200&oid=3&adxs=1045&adys=2625&adks=3943158814&ucis=y39e7c12qu18&ifi=7&ifk=3152232325&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2Fnews%2F8357734%2F&ref=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&top=http%3A%2F%2F60d59a636ee0c.agencecw.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&psts=AGkb-H-BsCiyIXvNaOQUXFwYHVWusl0WZ2AwMXkKnssG_qlXFqtqicdrKj_No2NkcqVIfHdR879gRlEoAA7bum3hN-HWrS4CkCxxPnhyqs4LkEvG6C2C5d7Y5vs%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=843376716.1624611745&ga_sid=1624611747&ga_hid=1907231560&ga_fc=false&fws=256&ohw=0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
1002c38974ead056ca7f764ead9e55484ca788c228bb3fe8daca4ed493d546d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
15060b164d60759caf7cf70d62f5e15d67df2a5aac2edf5264f8cc9c465264db

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YNWbpIDwM1S00ZfX.6QDtQAA; CMPS=5183
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|206|195|65|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1883
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDtQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMPRO=1145;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMST=YNWbpGDVm6QA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 09:02:28 GMT CMRUM3=ce60d59ba405a0&5160d59ba405a0&f160d59ba405a0&4160d59ba405a0&2d60d59ba405a0&2760d59ba40b40&c360d59ba405a00&e660d59ba42760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDtQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B3A 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A45 		0
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 25EF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00b6c09f622866552dcc9e828c1af52b1faf7922eb96bfa5a506fd49317fc03d

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5183; CMID=YNWbpIDwM1S00ZfX.6QDuQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|196|130|5|31
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1686
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDuQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMPRO=1217;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMRUM3=e660d59ba42760&2760d59ba40b40&2d60d59ba405a0&8260d59ba4a8c0&0560d59ba405a0&c460d59ba405a0&f160d59ba405a0&1f60d59ba405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMST=YNWbpGDVm6QA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 09:02:28 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDuQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F42D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
448751f43dbf6d8e432b56e56df11afa3a7bd3b38f500f45f2917561288edbe9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5183; CMID=YNWbpIDwM1S00ZfX.6QDvAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|90|206|195|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1921
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMPRO=1199;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMRUM3=c360d59ba405a00&2760d59ba40b40&e660d59ba42760&2860d59ba405a00&2d60d59ba405a0&f160d59ba405a0&5a60d59ba405a0&ce60d59ba405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMST=YNWbpGDVm6QA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 09:02:28 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpIDwM1S00ZfX.6QDvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7EFE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
188e1b039cedd21fc946a1a05ddae0b9a3639ecb88a3015dbee1100ae03141e3

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5183; CMID=YNWbpKB1r99PkXyAh6cEFgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|3|73|57|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1789
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpKB1r99PkXyAh6cEFgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMPRO=1208;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT CMST=YNWbpGDVm6QA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 26 Jun 2021 09:02:28 GMT CMRUM3=f160d59ba405a0&5160d59ba405a0&3960d59ba405a0&2d60d59ba405a0&4960d59ba405a0&e660d59ba42760&2760d59ba40b40&0360d59ba405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 25 Jun 2021 09:02:28 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Connection
keep-alive
Set-Cookie
CMID=YNWbpKB1r99PkXyAh6cEFgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Jun 2022 09:02:28 GMT CMPS=5183;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 09:02:28 GMT
dcm
s.amazon-adsystem.com/ Frame E6C0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpIDwM1S00ZfX.6QDuQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
336
Expires
Fri, 25 Jun 2021 09:02:34 GMT
casale
match.adsrvr.org/track/cmf/ Frame E6C0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNWbpIDwM1S00ZfX.6QDtQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame E6C0 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YNWbpIDwM1S00ZfX-6QDtQAABHkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0725fac-d97e-4dbd-b3c0-4576de304a0b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0725fac-d97e-4dbd-b3c0-4576de304a0b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-c0725fac-d97e-4dbd-b3c0-4576de304a0b
date
Fri, 25 Jun 2021 09:02:31 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624698148&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624698148&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624698148&gdpr=1
pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame E6C0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=7HR5ieMmfI_3ICiN73Mwj-N0f4X3dy2O4iYFTfET
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=7HR5ieMmfI_3ICiN73Mwj-N0f4X3dy2O4iYFTfET
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:31 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=7HR5ieMmfI_3ICiN73Mwj-N0f4X3dy2O4iYFTfET
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E6C0 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWbpIDwM1S00ZfX.6QDtQAA%261145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1329
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:24:37 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 25EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 25EF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YNWbpIDwM1S00ZfX.6QDuQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 25EF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpIDwM1S00ZfX.6QDuQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&google_hm=2&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
336
Expires
Fri, 25 Jun 2021 09:02:34 GMT
dcm
s.amazon-adsystem.com/ Frame 25EF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDuQAABMEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 25EF
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

date
Fri, 25 Jun 2021 09:02:29 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 25EF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAu807BqzcAADptZcDdcw&expiration=1625821354&gdpr=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAu807BqzcAADptZcDdcw&expiration=1625821354&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:35 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAu807BqzcAADptZcDdcw&expiration=1625821354&gdpr=1
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ix
ad4m.at/ad/sim/ Frame 25EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame 25EF
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6778981491825175009&uid=Q6778981491825175009&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 25EF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWbpIDwM1S00ZfX.6QDuQAA%261217
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1329
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:24:37 GMT
crum
dsum-sec.casalemedia.com/ Frame F42D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpKB1r99PkXyAh6cEFgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:35 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
320
Expires
Fri, 25 Jun 2021 09:02:34 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F42D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F42D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNWbpIDwM1S00ZfX.6QDvAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F42D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F42D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ECDC81D8348148F4AEFC831005A1278D&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ECDC81D8348148F4AEFC831005A1278D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=ECDC81D8348148F4AEFC831005A1278D&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 24 Jun 2021 09:02:30 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame F42D 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YNWbpIDwM1S00ZfX-6QDvAAABK8AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame F42D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-35a6e250-4b2b-4057-8e9b-aeeb23459d35
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-35a6e250-4b2b-4057-8e9b-aeeb23459d35
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-35a6e250-4b2b-4057-8e9b-aeeb23459d35
date
Fri, 25 Jun 2021 09:02:31 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F42D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWbpIDwM1S00ZfX.6QDvAAA%261199
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1329
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:24:37 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 446A
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-142-198.compute-1.amazonaws.com
Software
/
Resource Hash
865dab01cd7b2318b5772484a50af2c55a2c9401c508106d8e0934d78853e037

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=3263bbfd-7d74-48a1-85ad-ebbe35377778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 25 Jun 2021 09:02:29 GMT
pragma
no-cache

Redirect headers

date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=3263bbfd-7d74-48a1-85ad-ebbe35377778; Path=/; Domain=eqads.com; Expires=Sat, 25 Sep 2021 09:02:29 GMT; Secure; SameSite=None
dcm
s.amazon-adsystem.com/ Frame 7EFE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7EFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEGRXj0cKhUOPPSr6pImhXU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7EFE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNWbpKB1r99PkXyAh6cEFgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7EFE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNWbpKB1r99PkXyAh6cEFgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL6ubio9Qs4GoHxk_BeKPFs&google_cver=1&gdpr=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
320
Expires
Fri, 25 Jun 2021 09:02:34 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EFE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=463260d5-9ba4-4f00-b934-de9e8b6089e9&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=463260d5-9ba4-4f00-b934-de9e8b6089e9&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:31 GMT

Redirect headers

Date
Fri, 25 Jun 2021 09:02:33 GMT
Server
MT3 3799 851f7e8 master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=463260d5-9ba4-4f00-b934-de9e8b6089e9&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 25 Jun 2021 09:02:32 GMT
YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7EFE 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YNWbpKB1r99PkXyAh6cEFgAABLgAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EFE
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819620859833583
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819620859833583
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:32 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1875819620859833583
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame 7EFE 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7EFE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YNWbpKB1r99PkXyAh6cEFgAA%261208
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 25 Jun 2021 09:02:28 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1329
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:24:37 GMT
async_usersync
ib.adnxs.com/ Frame 39F6 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a011c1f4-ebe6-4383-8e4a-fc9d069cf1ed
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C33E 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
62a303b3-40ca-468d-a7c9-e5436e390148
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 686B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
276670a1-3129-4954-8fe3-03100e79c9f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BB5E 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:28 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3f8ac3fd-f6c3-4b46-a585-38bc88c672d4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
graph.sanook.com/ Frame 23A7 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228357734%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/qOvL723Ats_7yRx7dAtrd/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
0c83223465e0ea00d4676d4ef4d6790a988fb858b6306d8d143bc24565e0e2f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
XPURGE
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 25 Jun 2021 09:02:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
BYPASS
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getDiscussion&variables=%7B%22app%22%3A%22news%22%2C%22entryId%22%3A%228357734%22%2C%22orderBy%22%3A%22DESC%22%2C%22limit%22%3A3%2C%22first%22%3A20%2C%22status%22%3A%5B%22online%22%2C%22approve%22%2C%22pending%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a59061cdbb7378531ac02ef6b766b1fa659bd748%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,xpurge
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:30 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
wl
t.pubmatic.com/ Frame 23A7 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ Frame 23A7 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
dc-script-v2.min.js
sal.isanook.com/dc/ Frame 23A7 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: 60d59a636ee0c.agencecw.com
URL: http://60d59a636ee0c.agencecw.com/dr2406/414-smwqyelai.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
25278
date
Fri, 25 Jun 2021 09:02:29 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 11:46:30 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10744
expires
Sun, 25 Jul 2021 09:02:29 GMT
crum
dsum-sec.casalemedia.com/ Frame 446A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3263bbfd-7d74-48a1-85ad-ebbe35377778&expiration=1632560549
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Jun 2021 09:02:31 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D9CC 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ Frame 23A7 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 08:51:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
93636
server
Lego Server
age
24581
etag
W/"PSA-aj-0IhQ85x_cu"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16231907972310572429
accept-ranges
bytes
content-length
33384
expires
Fri, 16 Jul 2021 08:51:13 GMT
async_usersync
ib.adnxs.com/ Frame 39F6 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e76dafcc-2531-489f-afa7-d103878ba37f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C33E 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1e633a6d-5606-401b-a9e4-3794235abe4b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 686B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4e4ca3cb-bc84-44d9-8038-3f9d0996aca3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BB5E 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:29 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c4a034ed-2571-45f3-b367-8ddd04c5bb45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E4F7 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81773373&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84339c0145f3b6b66cba583d975a2e72c9bdec84f594bc8ee15feb0e58761f56

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 96BB 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99873033&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84339c0145f3b6b66cba583d975a2e72c9bdec84f594bc8ee15feb0e58761f56

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 09BC
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/ PugT=1624611750; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug020:0:414
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
dpe
ad4m.at/ad/ Frame 1BD9 		42 B
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae4011a2b000064c1eb9cd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d04704a5764c1-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 3F15
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:29 GMT; path=/ PugT=1624611749; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:29 GMT; path=/
x-lat
amspug009:0:363
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 25 Jun 2021 09:02:30 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=qrozz08KKrw1aEKMfDBrXCO-; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame EADB 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 25 Jun 2021 09:02:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame B56A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a6noeUMZaACmpqGpU8ItIWVPH1GYG65mVJNjJTap9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aFnseFrZcAQ8BqEr73ydphKHqZaoVyxZdwlZatZaVZceiUkZaS9P6URueYrObZcqrDZbtSVgwtmHi3xUhAgTXTGreX9Hw; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT; SameSite=None; Secure; ANON_ID_old=aFnseFrZcAQ8BqEr73ydphKHqZaoVyxZdwlZatZaVZceiUkZaS9P6URueYrObZcqrDZbtSVgwtmHi3xUhAgTXTGreX9Hw; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0ae4011afd00004e4a0920b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d0471987d4e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
352
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=a6noeUMZaACmpqGpU8ItIWVPH1GYG65mVJNjJTap9; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT; SameSite=None; Secure; ANON_ID_old=a6noeUMZaACmpqGpU8ItIWVPH1GYG65mVJNjJTap9; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0ae4011a3e00004e4abfacb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d04705cc44e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 13A5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; PugT=1624611749
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug011:0:440
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-dm4wv
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=L5aEu4YQMwrG&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=16c16366223148fe; path=/; HttpOnly; Secure; SameSite=None
141
match.deepintent.com/usersync/ Frame 7BB7 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 25 Jun 2021 09:02:30 GMT
server
b
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame A1CC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 25 Jun 2021 09:02:33 GMT
via
1.1 varnish
x-served-by
cache-hhn11575-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624611754.606734,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 25-Jun-2022 09:02:30 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=5da38725-8968-4209-b050-c12f839cc190-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 varnish
x-served-by
cache-fra19125-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1624611750.482932,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 7FD0
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
154 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1624611750530; TapAd_DID=936bd476-e7ac-4a50-aabb-60e1e1ab1fe2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1624611750530;Expires=Tue, 24 Aug 2021 09:02:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=36713310-0eef-49b7-8f3a-154f78a48175;Expires=Tue, 24 Aug 2021 09:02:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 5C4F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
42 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_188=3189-no-consent; PUBMDCID=3; PugT=1624611752
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:OMXLgx8M1LWHJn5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:33 GMT; path=/ PugT=1624611753; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:33 GMT; path=/
x-lat
lhrpug019:0:707
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 25 Jun 2021 09:02:32 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=OMXLgx8M1LWHJn5; Domain=.w55c.net; Expires=Mon, 25-Jul-2022 09:02:33 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 25-Jul-2021 09:02:33 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 93FC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; KRTBCOOKIE_377=6810-fb5b0c82-715d-4fe6-b7b5-186d138f2242&KRTB&22918-fb5b0c82-715d-4fe6-b7b5-186d138f2242&KRTB&23031-fb5b0c82-715d-4fe6-b7b5-186d138f2242; PugT=1624611750
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-ibfaBD78TvdCRXsQYWQvZ8HkwTM; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:31 GMT; path=/ PugT=1624611751; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:31 GMT; path=/
x-lat
lhrpug012:0:565
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 25 Jun 2021 09:02:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibfaBD78TvdCRXsQYWQvZ8HkwTM
Set-Cookie
sa-user-id=s%3A0-89b7da04-3efc-4ef7-4245-7b1061642f67.ayVOwPXF7E%2B0eeG1lNAqUiYAs9PvBPk5tiY83pbx%2B2A; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-89b7da04-3efc-4ef7-4245-7b1061642f67%24ip%24193.228.193.51.jBj0y7vYRKd9HJnuVjYxuduMALMZe0ncW2hX7nZgx9g; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 0AD2 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:33 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 02F1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug010:0:514
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F0EBAEB929D14B11AA8C9DB60CCFEC2A
set-cookie
suid=F0EBAEB929D14B11AA8C9DB60CCFEC2A; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 09:02:30 GMT; SameSite=none; Secure; suid_legacy=F0EBAEB929D14B11AA8C9DB60CCFEC2A; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 09:02:30 GMT; Secure;
expires
Thu, 24 Jun 2021 09:02:30 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Artemis
aud.pubmatic.com/AdServer/ Frame E4F7
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
7 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame E4F7
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:32 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:32 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E4F7 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
664d04707fc605e9-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0ae4011a46000005e946850000000001
/
loadm.exelator.com/load/ Frame E4F7
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame E4F7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E4F7
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:428
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c30f958b-acc3-40d3-9219-71ca404c2ed3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E4F7
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a0d3d016-1315-423d-90b4-fb9355ec9571
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a0d3d016-1315-423d-90b4-fb9355ec9571
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:805
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_a0d3d016-1315-423d-90b4-fb9355ec9571
date
Fri, 25 Jun 2021 09:02:31 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame E4F7
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=134be8f8-d594-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
1 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=134be8f8-d594-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:519
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=134be8f8-d594-11eb-ab86-a799382bd3d2&gdpr=0&gdpr_consent=
Date
Fri, 25 Jun 2021 09:02:31 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
134be8f9-d594-11eb-ab86-a799382bd3d2
Artemis
aud.pubmatic.com/AdServer/ Frame 96BB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
7 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&addseg=17
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame 96BB
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:32 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:32 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 96BB 		95 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
664d04707fca05e9-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0ae4011a49000005e9718d8000000001
/
loadm.exelator.com/load/ Frame 96BB
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=CE4CE046-85E8-485C-B44B-3C587BC2FDA3&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 96BB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:365
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB9D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/ PugT=1624611750; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug008:0:484
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
dpe
ad4m.at/ad/ Frame D27F 		42 B
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0ae4011a2f000064c10f158000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d04704a5864c1-FRA
Pug
image2.pubmatic.com/AdServer/ Frame 0998
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
42 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:29 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:29 GMT; path=/ PugT=1624611749; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:29 GMT; path=/
x-lat
amspug010:0:422
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 25 Jun 2021 09:02:30 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=qrozz08KKrw1aEKMfDBrXCO-; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=qrozz08KKrw1aEKMfDBrXCO-
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame EC08 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 25 Jun 2021 09:02:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 96BB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:339
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Jun 2021 09:02:32 GMT
X-Proxy-Origin
193.228.193.51; 193.228.193.51; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8478396e-f041-4ba5-b4a5-ea5c373c465f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4702087275764383235
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 96BB
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1974aadf-747a-42cb-bd79-5318d849231f
42 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1974aadf-747a-42cb-bd79-5318d849231f
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:31 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1974aadf-747a-42cb-bd79-5318d849231f
date
Fri, 25 Jun 2021 09:02:31 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
i.match
s.tribalfusion.com/z/ Frame 631A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=amnoeUy4ZawTBA9MGKDm5lyr6t0Mryr5qyZdjJTcZdk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=awnseFyOZbSEoJTyBqKeC5HGHBH0LSnHl8J7HEATC3FutaJo5gtNqtNgxVUWKxesMPDSOmOUtIyQLf5QnuuNr; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT; SameSite=None; Secure; ANON_ID_old=awnseFyOZbSEoJTyBqKeC5HGHBH0LSnHl8J7HEATC3FutaJo5gtNqtNgxVUWKxesMPDSOmOUtIyQLf5QnuuNr; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0ae4011af600004e4a1db10000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d047188424e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
438
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=amnoeUy4ZawTBA9MGKDm5lyr6t0Mryr5qyZdjJTcZdk; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT; SameSite=None; Secure; ANON_ID_old=amnoeUy4ZawTBA9MGKDm5lyr6t0Mryr5qyZdjJTcZdk; path=/; domain=.tribalfusion.com; expires=Thu, 23-Sep-2021 09:02:30 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0ae4011a3b00004e4a250a5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
664d04705cc54e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame B90E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; PugT=1624611749
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug015:0:254
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-n2wtq
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lJrAmgr0utf8&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=25e28020c6f79031; path=/; HttpOnly; Secure; SameSite=None
141
match.deepintent.com/usersync/ Frame 90AD 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 25 Jun 2021 09:02:29 GMT
server
b
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1130
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 25 Jun 2021 09:02:33 GMT
via
1.1 varnish
x-served-by
cache-hhn11575-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624611754.606707,VS0,VE11
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 25-Jun-2022 09:02:30 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1b07a2d5-d06b-44df-863c-65c026e06f5e-tuct7cf2126&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 25 Jun 2021 09:02:30 GMT
via
1.1 varnish
x-served-by
cache-fra19125-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1624611750.483018,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame D9B7
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1624611750530; TapAd_DID=936bd476-e7ac-4a50-aabb-60e1e1ab1fe2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 25 Jun 2021 09:02:30 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1624611750530;Expires=Tue, 24 Aug 2021 09:02:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=936bd476-e7ac-4a50-aabb-60e1e1ab1fe2;Expires=Tue, 24 Aug 2021 09:02:30 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 2D15
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_188=3189-no-consent; PUBMDCID=3; PugT=1624611752
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:OMXLgx8M1LWHJn5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:33 GMT; path=/ PugT=1624611753; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:33 GMT; path=/
x-lat
lhrpug002:0:456
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 25 Jun 2021 09:02:33 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OMXLgx8M1LWHJn5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=OMXLgx8M1LWHJn5; Domain=.w55c.net; Expires=Mon, 25-Jul-2022 09:02:33 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 25-Jul-2021 09:02:33 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 96BB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=135c3c8c-d594-11eb-ba7f-4d742b07335b&gdpr=0&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=135c3c8c-d594-11eb-ba7f-4d742b07335b&gdpr=0&gdpr_consent=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:32 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:579
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=135c3c8c-d594-11eb-ba7f-4d742b07335b&gdpr=0&gdpr_consent=
Date
Fri, 25 Jun 2021 09:02:32 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
135c3c8d-d594-11eb-ba7f-4d742b07335b
Pug
simage2.pubmatic.com/AdServer/ Frame DEA8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_409=22966-qrozz08KKrw1aEKMfDBrXCO-; KRTBCOOKIE_377=6810-fb5b0c82-715d-4fe6-b7b5-186d138f2242&KRTB&22918-fb5b0c82-715d-4fe6-b7b5-186d138f2242&KRTB&23031-fb5b0c82-715d-4fe6-b7b5-186d138f2242; KRTBCOOKIE_860=16335-ibfaBD78TvdCRXsQYWQvZ8HkwTM; PugT=1624611751
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-onCPsPCuSd1a4CD3sdO__8HkwTM; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:31 GMT; path=/ PugT=1624611751; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 09:02:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:31 GMT; path=/
x-lat
lhrpug008:0:812
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 25 Jun 2021 09:02:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=onCPsPCuSd1a4CD3sdO__8HkwTM
Set-Cookie
sa-user-id=s%3A0-a2708fb0-f0ae-49dd-5ae0-20f7b1d3bfff.e8BJhyuPdegV18XAR12zsap56llkQ4A%2BNTCU1ylMwW4; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-a2708fb0-f0ae-49dd-5ae0-20f7b1d3bfff%24ip%24193.228.193.51.0SUjGiXsaRKYz4MK8p0JRg6NFgmDSe0LpuGNQ1Af8Bk; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
usersync
match.bnmla.com/ Frame 5A4B 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 25 Jun 2021 09:02:33 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B0D9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=CE4CE046-85E8-485C-B44B-3C587BC2FDA3; KRTBCOOKIE_57=22776-4702087275764383235; PUBMDCID=3; KRTBCOOKIE_336=5844-5338605195965394625; KRTBCOOKIE_1101=23040-6977654322079660172; KRTBCOOKIE_391=22924-5740926643490249143&KRTB&23263-5740926643490249143; KRTBCOOKIE_153=19420-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl&KRTB&22979-azLRLWRg1CtwZoApaDWYK2Qy1yFwMYUqZWA_bFHl; KRTBCOOKIE_218=22978-YNWbpAACJqxRsgA4&KRTB&23194-YNWbpAACJqxRsgA4&KRTB&23209-YNWbpAACJqxRsgA4&KRTB&23244-YNWbpAACJqxRsgA4; SPugT=1624611747; KRTBCOOKIE_22=14911-2810120156450293986; KRTBCOOKIE_27=16735-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&16736-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23019-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3&KRTB&23114-uid:268a60d5-9ba4-4a00-b62e-19b22faab4f3; PugT=1624611749; KRTBCOOKIE_466=16530-3b35d6dc-a553-48e1-9835-fa7db0318442; chkChromeAb67Sec=2; DPSync3=1627171200%3A232%7C1624665600%3A174%7C1625788800%3A227_201_197_219_221_226; SyncRTB3=1625875200%3A35%7C1629763200%3A69%7C1625788800%3A7_88_189_104_57_220_13_3_176_78_22_166_230_204_231_5_56_233_8_21_165_234_54_81_161_99_71_55_222%7C1625184000%3A67_2_223_15%7C1625443200%3A63%7C1627171200%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 23-Sep-2021 09:02:30 GMT; path=/
x-lat
lhrpug012:0:449
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 25 Jun 2021 09:02:30 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7A6D58A872D4416F8A67C52F08031FCE
set-cookie
suid=7A6D58A872D4416F8A67C52F08031FCE; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 09:02:30 GMT; SameSite=none; Secure; suid_legacy=7A6D58A872D4416F8A67C52F08031FCE; Path=/; domain=simpli.fi; Expires=Sun, 26-Jun-22 09:02:30 GMT; Secure;
expires
Thu, 24 Jun 2021 09:02:30 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
50x50-02.png
p3.isanook.com/sh/0/di/ Frame 23A7 		356 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p3.isanook.com/sh/0/di/50x50-02.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b85a4c4ba3263d5ac11d8648a9f29dd5b1f68baf31c57a23a0918d7b6f23aa3b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
W/"PSA-aj-cHt0Yl7Qmt"
content-type
image/png
x-nws-log-uuid
9722537453732122369
accept-ranges
bytes
content-length
356
1.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/1.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:05:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:28 GMT
server
Lego Server
age
0
etag
"60d40e60-62e"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7859845566921977535
accept-ranges
bytes
content-length
1582
expires
Sat, 24 Jul 2021 10:05:52 GMT
2.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/2.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 08:14:36 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60d40e60-70c"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
15656317947256002212
accept-ranges
bytes
content-length
1804
expires
Sat, 24 Jul 2021 08:14:36 GMT
3.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/3.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:54 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-be5"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
5088319684616134435
accept-ranges
bytes
content-length
3045
expires
Fri, 16 Jul 2021 16:30:54 GMT
4.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/4.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:08:49 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 14:46:51 GMT
server
Lego Server
age
0
etag
"60d49adb-1381"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12295574791936338685
accept-ranges
bytes
content-length
4993
expires
Sun, 25 Jul 2021 08:08:49 GMT
5.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/5.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 14:12:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-d50"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8005802672327444456
accept-ranges
bytes
content-length
3408
expires
Fri, 16 Jul 2021 14:12:33 GMT
6.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/6.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 Jun 2021 05:00:04 GMT
server
Lego Server
age
0
etag
"60c98554-efa"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18105000302625003570
accept-ranges
bytes
content-length
3834
expires
Fri, 16 Jul 2021 16:30:56 GMT
7.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/7.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 08:56:55 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 14:46:51 GMT
server
Lego Server
age
0
etag
"60d49adb-1f61"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15085851576428180774
accept-ranges
bytes
content-length
8033
expires
Sun, 25 Jul 2021 08:56:55 GMT
8.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/8.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 10:09:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 04:47:28 GMT
server
Lego Server
age
0
etag
"60d40e60-748"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9067503093275708604
accept-ranges
bytes
content-length
1864
expires
Sat, 24 Jul 2021 10:09:53 GMT
9.gif
s.isanook.com/sr/0/images/emoji/ Frame 23A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/emoji/9.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 12:48:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 24 Jun 2021 10:11:22 GMT
server
Lego Server
age
0
etag
"60d45a4a-6c8"
content-type
image/gif
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17835657998943298724
accept-ranges
bytes
content-length
1736
expires
Sat, 24 Jul 2021 12:48:17 GMT
truncated
/ Frame 23A7 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
getimage.php
getimage-member.sanook.com/ Frame 23A7 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getimage-member.sanook.com/getimage.php?avatartype=2&gender=1&imgurl=http://member.sanook.com/sanookmemberimage/null.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.199 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-199.static.asianet.co.th
Software
/
Resource Hash
ebad9fa972a9c72ab9a910ba5dd5db724461f9cb04704cacc708c6b0028c45c2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 05 Jun 2021 12:14:39 GMT
Connection
keep-alive
Age
1716471
Accept-Ranges
bytes
Content-Length
1482
Vary
Accept-Encoding
Content-Type
image/jpeg
discussion2013.png
p4.isanook.com/sh/0/di/discussion/ Frame 23A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4.isanook.com/sh/0/di/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.168 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:30 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
etag
W/"PSA-aj-hTdBBbAZpp"
content-type
image/png
x-nws-log-uuid
8116083124257543219
accept-ranges
bytes
content-length
15424
discussion2013.png
s.isanook.com/sr/0/images/discussion/ Frame 23A7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/discussion/discussion2013.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 07:27:17 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60cc0342-3c40"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
9398670871785718333
accept-ranges
bytes
content-length
15424
expires
Thu, 22 Jul 2021 07:27:17 GMT
getimage.php
getimage-member.sanook.com/ Frame 23A7 		741 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getimage-member.sanook.com/getimage.php?avatartype=2&gender=1&imgurl=http://member.sanook.com/sanookmemberimage/4796e71e-9c85-4290-bcbd-62683e5a70b6.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.199 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-199.static.asianet.co.th
Software
/
Resource Hash
57f91dc95daf178989dba01cfa17160e9fb86302e83925f7b02edf2c99369675

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 20 Jun 2021 04:50:43 GMT
Connection
keep-alive
Age
447108
Accept-Ranges
bytes
Content-Length
741
Vary
Accept-Encoding
Content-Type
image/jpeg
SPug
simage4.pubmatic.com/AdServer/ Frame E4F7 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 96BB 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
nr-1071.min.js
js-agent.newrelic.com/ Frame 23A7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19157-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1624611755.292536,VS0,VE0
date
Fri, 25 Jun 2021 09:02:35 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
100
syncframe
gum.criteo.com/ Frame EFE6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=60d59a636ee0c.agencecw.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=60d59a636ee0c.agencecw.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1604
set-cookie
uid=983db1d7-e8b6-4d52-8054-df34bbe7817c; expires=Sat, 25 Jun 2022 09:02:34 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Fri, 25 Jun 2021 09:02:34 GMT
content-length
1129
sodar
pagead2.googlesyndication.com/getconfig/ Frame 23A7 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062205&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57c65fd8be57b2530e77272d33f9d49bfa336f8830214d0c4826598083fd0109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Jun 2021 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
8f062114d3
bam.nr-data.net/1/ Frame 23A7 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=12006&ref=https://www.sanook.com/news/8357734/&be=1935&fe=11912&dc=2046&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1624611743301,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:195,%22c%22:195,%22s%22:212,%22ce%22:876,%22rq%22:876,%22rp%22:1169,%22rpe%22:1384,%22dl%22:1173,%22di%22:2046,%22ds%22:2046,%22de%22:2046,%22dc%22:11911,%22l%22:11911,%22le%22:11922%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 23A7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 25 Jun 2021 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 25 Jun 2021 09:02:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 721C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 25 Jun 2021 08:27:10 GMT
expires
Sat, 25 Jun 2022 08:27:10 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9C4F 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
04017e1f31e6fd5c293d77fe432d573fc6b9544d39687d91fab5bc67210556cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZPVBlmvHUXbGOEDFArJvOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Fri, 25 Jun 2021 09:02:36 GMT
date
Fri, 25 Jun 2021 09:02:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ZPVBlmvHUXbGOEDFArJvOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 721C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 09:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
170490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 09:41:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062205&jk=2792496657349437&bg=!-Pul-7_NAAYo4NJEKOA7ACkAdvg8WjDdKvTlV-YGIFmpkPNFmQvHAeV-r1cyB6o5as8c0c_XDBDOzQIAAABYUgAAAAxoAQeZAo39bkXEL_6J8uwxfpFFLGjDZXvP01dp1AgKy0wuQE1I7lecbbhNh9OsYqNltd4Sfc53gwtywmGW4szjh40sieyvZQmujLw0Y1-6NSlVuQyu4K9aOvKScmjI4KHWR56PcNGAYAV2m98EoVo2LDMoQsAeDhNDzivWrYwjv-8AQpDkfjkF3VBErp0SDdWNfLwFEHR3xBjcFtpjvhMm78-DRNM95wARXKPPqCxMz1Q0gQ4eHrPXkwMfwpv3sv_DiZ1-U3-v-oUjbZUvBQvYvqLs9xepDdZGYiC8TCLcbIu632d6eXHyOhB6MVyyzdRW1Nms4TNG_U67ct1TW0m266pZZz1BQ1ZAqcdFzW3ZLcXwWtgelNlXz_u5ldyAzNIhKr35f27SzVWsumazhlycciW5boS_7gqrgUYPBo8XKBUj6EUv-cz1JI4gst4cW6-xrHxpArERfaagrQFwq-dp9YZU01kHj8Q6KkAHnkZZInfTYU2xUNCYRR22A-PGGs4KbhugxtOihCMs9kArrNzgG-q4dRU3ms_4yZM8hkqbt5YA1n6mtAG64GBLrxaNky1S6SisEyXsrl9s4mbSMrbNdr0ovMMvIS0FGyD4dZd771jbj1mRpk0IHcXZB_WuwboVUQTH1RKvr-qQe0FEgSgr-nW7qa8cCIzdNcVjQTZmMuSct3-aFAWFguEUrLJ9boaHn2Kz4h8Kb421awzmg7Xsw0bDfcc2tQulX2kIyRSJvtZxgXwDMTHu-tn0qnk5GsOrt1XISR2Tdqvh0L2SNerc6c_GLP8jUirnx6yc18UsrXmaPOZfAo0vqUKP52IcaRudEOrFrm8zDkE9iXcsJ1_EUnj9OFhqMIotwvxVvuqu5wS-dA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Jun 2021 09:02:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ Frame 23A7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/3bfe84fc7ea8cc8aa5cc9bd933265c1f05cf8e7c.fb4472abc6dfcae290c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 03:31:24 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
2114
server
Lego Server
age
19180
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13877009083301854147
accept-ranges
bytes
content-length
1054
expires
Fri, 16 Jul 2021 03:31:24 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ Frame 23A7 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 01:31:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3433
server
Lego Server
age
19202
etag
"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
4983867372389861693
accept-ranges
bytes
content-length
825
expires
Fri, 16 Jul 2021 01:31:54 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ Frame 23A7 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.115 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 09:03:22 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 05:33:33 GMT
server
Lego Server
age
25400
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14579259774967154916
accept-ranges
bytes
content-length
14046
expires
Fri, 16 Jul 2021 09:03:22 GMT
/
notification.sanook.com/socket.io/1/ Frame 23A7 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:9410/socket.io/1/?t=1624611762338
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/news/8357734/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.55 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
Software
/
Resource Hash
f79b1d1e2c233266e9713e5764459c7d3fd77a332bb33f11c0465bec3a3b458a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Fri, 25 Jun 2021 09:02:44 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8fhbcG3vYwc1upbUujsv6pG6o-n4LxR0foNETLHLdOmEDh6FpX9z7uj-i2QNnT6Qh7dkP4K6MAe005HGjaG_0ghCVAXaswcHQdEYvAVHXZK8uyj7U&sig=Cg0ArKJSzMOF7sBobLleEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=2513669353&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&eosm=0&rst=1624611747320&rpt=246&r=u&speed=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVLuLx2cXBpVSnI7R2nUio0b6q1YM0WmvUKVZFuCSUivboZkNsAC3I-3ARu8YK4AYJT11IzC1WIi-BBSSs7eajUCQbgTj4bLQauLfJYlYgKT7mSVPW&sig=Cg0ArKJSzFkRpBRL0d8HEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210623&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&eosm=0&rst=1624611747687&rpt=104&isd=0&r=u

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

12 Cookies

Domain/Path Name / Value
.openx.net/ Name: i
Value: eb14ef6c-08b1-4b07-b7a1-c528d7744f6a|1624611754
.casalemedia.com/ Name: CMST
Value: YNWbq2DVm6sA
.casalemedia.com/ Name: CMPRO
Value: 1199
.casalemedia.com/ Name: CMID
Value: YNWbqrnY1gG5-rPJhMkaRAAA
.casalemedia.com/ Name: CMPS
Value: 5183
.criteo.com/ Name: uid
Value: 983db1d7-e8b6-4d52-8054-df34bbe7817c
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ760JdiiPHDkVvt9CJEI6c&KRTB&16514-CAESEJ760JdiiPHDkVvt9CJEI6c&KRTB&23025-CAESEJ760JdiiPHDkVvt9CJEI6c
.casalemedia.com/ Name: CMRUM3
Value: 8260d59bab2760AAAu807BqzcAADptZcDdcw
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:OMXLgx8M1LWHJn5
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: PugT
Value: 1624611753
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent

80 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://s.isanook.com/sr/0/_next/static/chunks/cf89254f3b62bfcd72d40b69e1600b42e9852816.8b870b2e2aaff3624f9b.js(Line 1)
Message:
Error: Bad response from server
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
ResponsiveVoice r1.6.1
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
isHidden: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Prerender: false
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Voice support NOT ready
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: speechSynthesis present but no system voices found
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
RV: Enabling fallback mode
console-api log URL: https://s.isanook.com/sr/0/js/voice/responsive-voice-1.0.3.min.js(Line 1)
Message:
Configuring

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60d59a636ee0c.agencecw.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.nl
ajax.googleapis.com
api.u1sf.com
appx.sanook.com
as.innity.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bce22fbd3e8dadaac5d2798ba6f6e7bb.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
code.th.giraff.io
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
f6f7b8880998c6e782e171eed9fb6d83.safeframe.googlesyndication.com
getimage-member.sanook.com
googleads.g.doubleclick.net
graph.facebook.com
graph.sanook.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-agent.newrelic.com
js-sec.indexww.com
loada.exelator.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
notification.sanook.com
p.rfihub.com
p3.isanook.com
p4.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
t.pubmatic.com
tencentth-d.openx.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
pagead2.googlesyndication.com
101.33.10.52
104.109.76.50
104.111.242.53
119.81.192.134
13.248.242.197
135.125.8.70
146.59.148.16
149.129.240.178
149.28.140.151
150.109.191.115
150.109.206.168
151.101.14.110
151.101.14.49
159.253.128.188
159.65.197.210
162.247.242.21
162.55.6.212
172.217.18.98
178.250.0.163
178.250.0.165
178.250.2.146
18.156.0.31
18.159.182.76
18.159.8.206
184.30.21.51
185.29.133.199
185.33.220.242
185.33.221.91
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.82
185.86.139.115
188.165.4.142
193.0.160.129
198.148.27.139
199.232.137.44
2.18.232.130
2.18.233.180
2.18.234.21
2.21.111.28
2001:678:cb4:bbbb::11
203.151.133.55
213.155.156.169
213.19.147.44
216.58.212.130
216.58.212.162
2606:4700:10::6816:1857
2606:4700:10::ac43:1ac7
2606:4700:20::681a:bd1
2606:4700::6812:d05
2606:4700::6812:d941
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:13::1400
2a02:fa8:8806:16::1400
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
34.205.3.24
34.98.107.212
35.171.130.4
35.201.96.126
35.227.248.159
35.244.159.8
37.157.6.246
38.27.122.126
38.91.45.7
51.89.21.21
52.49.183.138
52.57.142.16
54.194.104.251
54.194.226.253
54.204.142.198
54.226.209.67
54.239.17.112
54.78.254.47
61.91.93.188
61.91.93.197
61.91.94.132
61.91.94.198
61.91.94.199
65.9.77.122
66.155.71.25
72.251.241.196
77.243.60.138
77.245.57.78
85.114.159.93
00b6c09f622866552dcc9e828c1af52b1faf7922eb96bfa5a506fd49317fc03d
04017e1f31e6fd5c293d77fe432d573fc6b9544d39687d91fab5bc67210556cf
0701539536ae365a201af6f56d9395dedb157854942c831daaab161c0373aabe
076140e72d9bc811dc3fea615bfd16196a02e255a9326ae57c7f5c3ef00a1810
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
0794ae1f67e073425a2e3d531b7e4a1540684e95e86812c661b974c3e261eaf6
0801c6f675417d682c3909e0ed2a9bd69f47a4f1c9f1e2eb02719f9a6f4e2d21
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c83223465e0ea00d4676d4ef4d6790a988fb858b6306d8d143bc24565e0e2f0
0d00eb57cae504dd662f2c938bb454085ab0a357b4fbd032ca54a6e9579825df
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e07310d9d72a6cb6d6f617265bb02f64a2e8654bfc3be2ef8bff14d857d14a8
0ed38bf992dd6c9a5b828a9c536d0f973cdda84c249072d8d172b887dacae254
1002c38974ead056ca7f764ead9e55484ca788c228bb3fe8daca4ed493d546d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e04bf0bddbdb5544b6d570c7cfb466a8b91931f25032d7fa4ccd3b180d99ea
13b0e40192eec4b88d7eb7f14d3b9579febb47b211bd1a0a336a34b3b6c30383
13c6f1aeadd5d8c5f426b3658373db80484f412addc0070139bb11ec99f7435a
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
14f06f756f4875d5b442a5d0420ffbea7e6fdad87b02304d460fb9b82f87adac
15060b164d60759caf7cf70d62f5e15d67df2a5aac2edf5264f8cc9c465264db
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188e1b039cedd21fc946a1a05ddae0b9a3639ecb88a3015dbee1100ae03141e3
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1c540bf66da12459e01db47dfa07ab5426068b2a30a9d02b0ea9b19e8d68e740
1d19fca94525bced7ad4e7a82e7ed60df670cb0043062c36cc75251e9e27a8a2
1d767acd2407e797634484041c000f8a5b1e351e1a3600c0417556dfa7d42088
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
2036793458cbb7533a464ef19f0232632cac7eaaadb37523c8f181d6b15d100b
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
2694784fa31a20a4ff5973cebc0f90a1e39098cfc20939f527a69b076f5e3cca
29c0ef5ab2d6df4bbce3486256be8a0fc89966908b00f3aaf53f83b8d16d5424
2ae88801801cbaf45f70192763e8c1f46ef2ef468396347614de2c822b574b4c
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fb0eb4fb4e2af148ba08a8d7a68c9e860d302095cd9362cb2547f8b3e5b7363
30448c4cd66ce6f5a37f2ca7be41a547448ea55a7a0b5ea05fa42ca7805d147c
31384c40690287283e6448a7c83fc24cb1c39917a5a07c6a8c1c211e0f6400b6
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
336a8070cf861168333e57513361ed3e9024afcf90817af10085a829eb1fd610
34249dfa77ab32bd7186413cca8cd9ab6f8a4380a70ca430239a5e8621a27953
35c9c1ae4c3df9a7f113edf895afee54e4908a1995c5254d4858c8bc470db8d0
362786beb43df23611ff62de50a360e54b28dbcc4a458b53b68317e4169a945f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d83e9c94493629c76a9e919230e2e4dd47c97256050d34c7cce1d2a4f684a98
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
448751f43dbf6d8e432b56e56df11afa3a7bd3b38f500f45f2917561288edbe9
44eb0ac8bcd9b192518b53eaad09c84e4c0f1f674c7c4bfac85db1a546ea3997
458f47c8d4e71d58a27ff10bd155f9f77a2f630cba8d0479f5810cb74bd8596b
4675e01e3e468eea89ea62ddb668821c8fc9848d0abe5d2078ddb95ab45d638c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a26b581c8ec99e60bc585188b8cdcd333b5f425a4a3cfd7a2bed68d3251f733
4b3f7e7a2f6a5550346242522fc341b2baa4d93b28a8b7d3b435df2b760e11fa
4b64d0b859811e9f2ef4fd68541842861ebb3b0694baa0030210bbb5c780b4db
4c2cf1b884f877847a5a361cbe7a799a6727193c518eac90db1d0c14af9807aa
4d59a5633f0c0824633eb8631d3219b6893ab33de44b2f7989f7828bc599e9e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e357e741203fb8376c567175134ceb9fa35c31ab57ae2b3d0a57d4772d89220
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5261c0c748c658074b12b3e815a2f8cab76482187eb94e7c1ebe729aadbf5981
526d1b11c53bff7776c18ae3e260c072c0ad424084a337290914af5ac0facc1f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a
57c65fd8be57b2530e77272d33f9d49bfa336f8830214d0c4826598083fd0109
57f91dc95daf178989dba01cfa17160e9fb86302e83925f7b02edf2c99369675
588cc8c63d4b88632f4842cadfd416416fc371874763b62d94defacae2c08dd2
58c9b88f5e2cee331d43bac233cc73741a34044f7907a94f9aa7c2325713ef7d
5a08dd560af21b52e2ac0d2cbcf510db05beeb31d59b25321143217f556b15cd
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
61265bfbc4981194febb25fce76c56e2b02bc96c07525aef930ef8ceb92d55ab
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
653a4e12d09d03b72922721183af52159f5942cdafdcfb10998a9b155943a203
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
664186e51f08ee452a19dc92c51b65fe47486c738197bc5f4d6b415e37be0183
67b98323ad232bcdd9e50cb2ca6fe789af69eafce5787a7660fa81e242b26851
695e3e04c7d78887cbe74d3449f5c0a5e2ef92d173e6cbf8f692d3e028f4554d
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c813ea0c5e40673c9a5040635e44230d2a688474bc36855e426081667a5bbf7
6c91f2120eec92dac8f5b68e488ce4ba750c005018966b6e21b347bcdb9a9757
728b25bfa042c79ed4388ef2a2695829eba53016f642ec5cb5d5ec567f9fe066
734b814220ae9a3d44b59d48528f68672c9e17be6857b1dfacb6f18a37fd172b
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
741de590e929ede7f7ffba2c9c8c8e3bb7522d051be5d2c848fcd5a183ddf52a
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
785143cb8b94b7496c35f5bb2dd6dc7fd7ead6b1abe88379eaf2d40542cb857a
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
7bde429421ea59c7dc520f813c5a75dbeef0533fc570d6ff231bb5197694e412
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ee369291548a549b30c7cdd09a1c1f9654635d81f03d41cf2d64f43a868238d
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84339c0145f3b6b66cba583d975a2e72c9bdec84f594bc8ee15feb0e58761f56
84e997d846f0b228470dd7db80106fee6ccb015c7d915d16cac9deb5cf5f15d5
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
85da8c886bc1ff2a66901be9ef82b013d0ea8f6ee7aee239e9a461d7497f3eac
865dab01cd7b2318b5772484a50af2c55a2c9401c508106d8e0934d78853e037
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8f9baacfc21b69f1e4e65f9a93fc0ed623e2bc26b62b8e7e173ad7e4aacb9fa2
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92857904df325afe1f29a64b2382eb7df89626a03d79bd16be4dac1296c3aef1
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
93e3f8018cecf054a8c0a2db1e0987f5dc53cb73ac5cf046051a198880c87649
964b656289b3bc187440e3556d72226c8f364bdc257acb0b3a99956ad013b60a
97a99e100778059aca0bd2216cef21af553a0f7cb0191143e027267c03a0e16e
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
989071c13646fa049dd59ef2e0d0f402634df81ebc7a8f716de7dd73462bd045
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b432db8bfed4434ed2682bd0a4e16e01c8193f670a8de52fc5284f32cd9df90
9c5a5d2d877843e5e94d777a7ad35d0892b88914c5faab8f563d5b7605809660
9f022d21dbd014c80281cb2ad63c5d9590299cdec9e178955cdda4a91bf7adb2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4148beda0bd8d0202f20db810aa194a5a8b49bdc430a217d3d14ebcbdea2be0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f13295a972f241e42e7c7d4c287c890a03b15d6d5e502dbc37496f165adaeb
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a72de38880d82bc98ab7aecee4d7398a16b468b92f50e946a33c897a5e39b0c4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac1716468e92e7f66d6720acf96132e7ff1f1d5d45517a1ff4527e96ee3186bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f8560f1744785ef906efc90546c7e6cb1feea237191c8a537301ba37ae6fdf
b35a4ef06e319281153f0f4b026996a350853075e70204a388d524eab724433f
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b85a4c4ba3263d5ac11d8648a9f29dd5b1f68baf31c57a23a0918d7b6f23aa3b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
bc95034afe6f2d45474187a2f3dc75afa93299f0e1571ec75eac14ecb562d818
bcd44db972bcd70526a04c7459652d82e65c6aee369ec728143be6053667d57a
bcea6ed2b03d8890a03a4e1bbb57c2237e75af15fff58f56b9ffb5bdfef0ca4e
bd84d7808fbcb4e80da17a349a90c3833d5b280413aee004b70e9b4dfc6b3260
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3785a4240ab5f25b058e4f35b0e8cf9734533ef8a13652bd2e86158f89a9c9e
c4dbc7c38fc0967b356d85f9d27649310a42ef71a56aef86f85a049866df5cac
cd6038c5672792bce93856c78068a09d1f7162f06ec43c7e0675f91c9a6130df
cd61d37309df288e285bc59d1c9ec3fc4507ff265b33687d6c445cf10c63642a
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03cb8ca4a83d93849ca6e62a45d14914d796fae092a88f2043a468b9a27df9c
d0db81bef10c1bd6dfdf824a83d1c8df59d0516b6432b72e4906cae06d19be7c
d26dc8e0f543117e511d18da787e445453354869441f45adc469d2b010312427
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d31f3d46db0cb1cbe85a8028e04fb2e689280f80410523589f193555e3e65552
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
d65cc53403d6178f09ee41f1f9b1cdbe4022086d4376db094ac65d41e84f1ca1
da489dcc3cf9cb444da375b154b709dc4bbc4134719f8c0c496f9a7effd59a4b
ddf9964d79fd304f55f0253cb9c7f2def776ff9fe5c47d91cb9ea1f3c9aeedb5
e0577f5cc699d096d77bd1c782f45261337c8fec4bd080639530650e12785da0
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cff8676d519b035664f8abac49aeb916098c81bc392b9fd6c728933120ed1d
e432b66935ad0ce548868c0768ab8cd609ecff5b6017f484301196d2a6f57101
e4db55b5e08e951509dc2e04a28eb0755760147fee7c0a64c25ffa40c4b58aeb
e4fb5243d8f71436420d15fbf9dbc1b5b2d7b96d1e186d7f24c8a143ae2de492
e6701152297ff536bf907a6566cace758ec7dc842dad945a8a6b56ae0e7d6a3d
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f
e7e1c88ee94b3ac2a8a1dff5f63f8ae1cd52c1745668a2acdebbaa070aa2ddad
e889b6ae46bcd208ef3e1e531f4ca3a8b9d12989569481e0dceb060d3adbb3f1
eb1b82d375fd2dc57cd886ddbe12dff0c5327b4f9eaffd7d6743596c5f6e41e0
ebad9fa972a9c72ab9a910ba5dd5db724461f9cb04704cacc708c6b0028c45c2
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eef613ec7ef4624d7bbc3a660a357dd87ccd6473ae0d4fbb2012f0b527fb31ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01cd6902463d93f2fdecedf90ee4bdbabd4c41603604ee9db65a9087894301b
f1a9a0a8069f13552a55d28742c308fbb5bc0d9c6cbb14bbfbde3db8c90937e1
f1f031acac4bb260679ca40ced78634aca191a4b7afd0ddaa4a1c108324c3749
f2d94e76a104b552574a0090853139b9c64321740b4da17cc30938cccafd0e3d
f33134e888b871345712eb616f83f8f4d39185d83763cbf138092de76b5f20e2
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6fd0df45e5f312d62a1a3577dc328cfd9b9965789e5696be957de878af76b3e
f79b1d1e2c233266e9713e5764459c7d3fd77a332bb33f11c0465bec3a3b458a
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47
fbdc27db510ab0461c8e635479fbd6408d40104c5ecbac79b3154b4db5596f97
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e
fd05ff0d5eba5b9fa545f227b33fcec1962503972fc3f7e0f87e4b3fde7a41ef
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b
feb5d4ffbb0918d3533b174265720e1a1beeb2c456ecc6c29635540a9b30923b
ff3cb347449e2b4f63248f760ab9245d33bf3c84fa0492b477a9109736677b66
ffa970c77ba7493f0566a17443539f56200a2bd93781acf82ec0b77cb106e19e