urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sanook.com/
Effective URL: https://www.sanook.com/
Submission Tags: falconsandbox
Submission: On June 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 12 countries across 85 domains to perform 409 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 61.91.93.188 7470 (TRUEINTER...)
86 150.109.191.116 132203 (TENCENT-N...)
3 2a02:2638::3 44788 (ASN-CRITE...)
4 150.109.206.145 132203 (TENCENT-N...)
1 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.110 132203 (TENCENT-N...)
3 61.91.94.132 7470 (TRUEINTER...)
2 2a03:2880:f01... 32934 (FACEBOOK)
11 2.18.233.180 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 11 2a00:1450:400... 15169 (GOOGLE)
22 172.217.23.98 15169 (GOOGLE)
1 3 143.204.98.87 16509 (AMAZON-02)
3 104.111.224.62 16625 (AKAMAI-AS)
4 119.81.192.134 36351 (SOFTLAYER)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 61.91.94.198 7470 (TRUEINTER...)
7 185.64.189.112 62713 (AS-PUBMATIC)
6 178.250.2.131 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2.21.111.28 16625 (AKAMAI-AS)
18 35.244.159.8 15169 (GOOGLE)
3 9 37.252.172.250 29990 (ASN-APPNEX)
3 2.18.232.7 16625 (AKAMAI-AS)
3 77.245.57.78 36057 (WEBAIR-IN...)
1 101.33.11.48 132203 (TENCENT-N...)
2 2a00:1450:400... 15169 (GOOGLE)
3 185.64.189.115 62713 (AS-PUBMATIC)
1 203.151.130.71 4618 (INET-TH-A...)
2 151.101.13.108 54113 (FASTLY)
4 29 2.18.234.21 16625 (AKAMAI-AS)
1 54.36.109.48 16276 (OVH)
1 2 34.251.130.56 16509 (AMAZON-02)
4 11 76.223.111.131 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
7 8 37.157.5.142 198622 (ADFORM)
2 2 213.155.156.182 1299 (TELIANET ...)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 18 185.64.189.110 62713 (AS-PUBMATIC)
5 5 54.246.13.173 16509 (AMAZON-02)
15 18 142.250.186.98 15169 (GOOGLE)
1 1 185.86.137.132 201081 (SMARTADSE...)
2 2 198.148.27.140 19189 (PULSEPOINT)
5 5 185.29.133.58 30419 (MEDIAMATH...)
4 185.64.190.81 62713 (AS-PUBMATIC)
3 3 51.210.112.63 16276 (OVH)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 159.253.128.188 36351 (SOFTLAYER)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 3.126.56.137 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
4 4 151.101.114.49 54113 (FASTLY)
6 6 52.58.102.227 16509 (AMAZON-02)
2 2 3.127.166.11 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.197.210 14061 (DIGITALOC...)
4 4 66.155.71.149 13768 (COGECO-PEER1)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 6 54.239.17.112 16509 (AMAZON-02)
2 3 18.198.126.47 16509 (AMAZON-02)
2 3 35.227.248.159 15169 (GOOGLE)
1 2 34.251.129.229 16509 (AMAZON-02)
2 2 37.252.172.37 29990 (ASN-APPNEX)
1 1 54.205.198.81 14618 (AMAZON-AES)
1 1 185.183.112.155 60350 (VP)
2 2 51.178.20.139 16276 (OVH)
2 2 18.159.17.140 16509 (AMAZON-02)
4 4 3.66.135.160 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 52.19.7.243 16509 (AMAZON-02)
1 34.107.231.31 15169 (GOOGLE)
7 185.64.190.82 62713 (AS-PUBMATIC)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 1 94.23.171.206 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 151.101.13.44 54113 (FASTLY)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 34.204.22.100 14618 (AMAZON-AES)
1 38.27.122.101 174 (COGENT-174)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 54.77.19.59 16509 (AMAZON-02)
1 1 54.175.176.13 14618 (AMAZON-AES)
1 2 3.221.146.169 14618 (AMAZON-AES)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.18 23467 (NEWRELIC-...)
1 203.151.133.55 4618 (INET-TH-A...)
409 86
8    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
86    150.109.191.116 (Bangkok, Thailand)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
s.isanook.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    150.109.206.145 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    101.33.11.110 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    61.91.94.132 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-132.static.asianet.co.th
sal.isanook.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
11    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.ch
pagead2.googlesyndication.com
22    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
3    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
sb.scorecardresearch.com
3    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
avd.innity.net
4    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
1    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
1    61.91.94.198 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-94-198.static.asianet.co.th
api.u1sf.com
7    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com
1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com
3    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
18    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
9    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
3    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
1    101.33.11.48 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
img-as.fsanook.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    203.151.130.71 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 71.130.151.203.sta.inet.co.th
dc.sanook.com
2    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
29    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com
id5-sync.com
2    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
11    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
18    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    54.246.13.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
18    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
5    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
3    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    52.58.102.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-102-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.127.166.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
16    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadm.exelator.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    34.251.129.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
2    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
2    18.159.17.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
4    3.66.135.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    52.19.7.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-7-243.eu-west-1.compute.amazonaws.com
global.cloud.netacuity.com
1    34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
p.adlooxtracking.com
7    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
1    94.23.171.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu
green.erne.co
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    34.204.22.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    54.175.176.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    3.221.146.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
1    203.151.133.55 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
notification.sanook.com
Apex Domain
Subdomains		 Transfer
93 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
2 MB
59 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
348 KB
43 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
329 KB
36 googlesyndication.com
4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com
tpc.googlesyndication.com
1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com
pagead2.googlesyndication.com
308 KB
26 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
32 KB
18 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
16 ampproject.org
cdn.ampproject.org
316 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
44 KB
12 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
4 KB
12 google.com
www.google.com
adservice.google.com
2 KB
11 adsrvr.org
match.adsrvr.org
4 KB
10 sanook.com
www.sanook.com
graph.sanook.com
dc.sanook.com
notification.sanook.com
49 KB
8 adform.net
c1.adform.net
4 KB
7 googletagservices.com
www.googletagservices.com
225 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
4 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 indexww.com
js-sec.indexww.com
6 KB
5 gstatic.com
fonts.gstatic.com
77 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 google.de
www.google.de
adservice.google.de
522 B
4 w55c.net
pm.w55c.net
3 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 innity.com
avd.innity.com
2 KB
3 tapad.com
pixel.tapad.com
1 KB
3 exelator.com
loadm.exelator.com
4 KB
3 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
86 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 simpli.fi
um.simpli.fi
2 KB
3 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
1 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 andbeyond.media
rtb-eu.andbeyond.media
832 B
3 teads.tv
a.teads.tv
1 KB
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 google-analytics.com
www.google-analytics.com
55 KB
3 criteo.net
static.criteo.net
39 KB
2 audrte.com
a.audrte.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
559 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 turn.com
ad.turn.com
943 B
2 perf-serving.com
prod.perf-serving.com
1 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
1006 B
2 facebook.com
www.facebook.com
312 B
2 googleadservices.com
www.googleadservices.com
15 KB
2 facebook.net
connect.facebook.net
99 KB
2 truehits.in.th
lvs2.truehits.in.th
4 KB
1 nr-data.net
bam.nr-data.net
275 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
335 B
1 playground.xyz
ads.playground.xyz
487 B
1 bnmla.com
match.bnmla.com
114 B
1 stackadapt.com
sync.srv.stackadapt.com
650 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
1009 B
1 erne.co
green.erne.co
327 B
1 loopme.me
csync.loopme.me
212 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adlooxtracking.com
p.adlooxtracking.com
3 KB
1 netacuity.com
global.cloud.netacuity.com
406 B
1 jquery.com
code.jquery.com
30 KB
1 adotmob.com
sync.adotmob.com
682 B
1 extend.tv
sync.extend.tv
546 B
1 google.ch
adservice.google.ch
853 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 smartadserver.com
rtb-csync.smartadserver.com
762 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 id5-sync.com
id5-sync.com
532 B
1 fsanook.com
img-as.fsanook.com
32 KB
1 u1sf.com
api.u1sf.com
407 B
1 izooto.com
cdn.izooto.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
42 KB
409 85
Domain Requested by
86 s.isanook.com www.sanook.com
s.isanook.com
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.sanook.com
cdn.ampproject.org
tpc.googlesyndication.com
22 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
18 cm.g.doubleclick.net 15 redirects eu-u.openx.net
18 simage2.pubmatic.com 1 redirects ads.pubmatic.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
15 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
11 match.adsrvr.org 4 redirects www.sanook.com
eu-u.openx.net
ssum-sec.casalemedia.com
11 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
9 eu-u.openx.net ads.pubmatic.com
eu-u.openx.net
9 ib.adnxs.com 3 redirects www.sanook.com
acdn.adnxs.com
9 www.google.com 1 redirects www.sanook.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.sanook.com
www.googletagservices.com
8 image2.pubmatic.com ads.pubmatic.com
8 c1.adform.net 7 redirects ads.pubmatic.com
7 t.pubmatic.com www.sanook.com
7 hbopenbid.pubmatic.com www.sanook.com
7 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
6 us-u.openx.net eu-u.openx.net
6 x.bidswitch.net 6 redirects
6 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
6 graph.sanook.com s.isanook.com
6 bidder.criteo.com www.sanook.com
static.criteo.net
5 fonts.gstatic.com fonts.googleapis.com
5 sync.mathtag.com 5 redirects
5 match.prod.bidr.io 5 redirects
4 pm.w55c.net 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 pixel.quantserve.com 4 redirects
4 avd.innity.com avd.innity.net
www.sanook.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 loadm.exelator.com 2 redirects ads.pubmatic.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 pixel.onaudience.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 rtb-eu.andbeyond.media www.sanook.com
3 a.teads.tv www.sanook.com
3 tencentth-d.openx.net www.sanook.com
3 htlb.casalemedia.com www.sanook.com
3 adservice.google.com securepubads.g.doubleclick.net
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 gum.criteo.com 1 redirects static.criteo.net
3 www.google.de www.sanook.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sanook.com
3 sal.isanook.com www.sanook.com
3 static.criteo.net www.sanook.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync.1rx.io 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 dsum.casalemedia.com 1 redirects ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 secure.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 ad.turn.com 2 redirects
2 prod.perf-serving.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 d5p.de17a.com 2 redirects
2 acdn.adnxs.com ads.pubmatic.com
2 adservice.google.de securepubads.g.doubleclick.net
2 mug.criteo.com www.sanook.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.facebook.com www.sanook.com
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 www.sanook.com 1 redirects
1 notification.sanook.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 p.adlooxtracking.com www.sanook.com
1 global.cloud.netacuity.com www.sanook.com
1 code.jquery.com www.sanook.com
1 sync.adotmob.com 1 redirects
1 sync.extend.tv 1 redirects
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.ch securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 dc.sanook.com www.sanook.com
1 img-as.fsanook.com www.sanook.com
1 4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 api.u1sf.com s.isanook.com
1 cdn.izooto.com s.isanook.com
1 stats.g.doubleclick.net www.sanook.com
1 www.googletagmanager.com www.sanook.com
409 122
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-14 -
2021-08-14		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
teads.tv
R3		 2021-06-11 -
2021-09-09		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
*.fsanook.com
DigiCert SHA2 Secure Server CA		 2019-09-19 -
2021-12-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.cloud.netacuity.com
Amazon		 2021-04-11 -
2022-05-10		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2021-04-30 -
2021-07-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-21 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 49 frames:

Primary Page: https://www.sanook.com/
Frame ID: F8AABB74809E45ACE6E2F322ECA9FC39
Requests: 195 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: 5C78600C28F111D2BCE29E8D834405D6
Requests: 1 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 7EF8169DFDBFCC2647DF916FF009E80E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7B9E2BA53C1A74B485A323137CCCAB2A
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0B7094F2A030080CB5EA38B7CA854513
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 167DDF9CD3A8E6B86B863584C62A9A13
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 00518DDF7D964CD635CB154B19DD2B33
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZI-ceNT5ht1zV44BV7NnDNUXTI1vxu0S38_xHeUa6dlmn387EXa4Bpyx4vR3KpzV_AYExQ7UvQVlJyclwehs_25IxVXsFFZMKXyN118Bqgh6XFKcb4LHU0FxdGSAkZKkwoZvJVmA97HV0W3DMrc1GCyImzLNiAhrdpXqaT4VYWbx8i5HASs4hAHSwB1jfIeiLgQWojkiFbxyFj1TG5nGWiBMW3U_fe8HnnWY-dz_cs_7xlfPhSO4dwbMfZtRhzWyq665geq1swJNAoTDr36_UsfXPogwLAfnkbCrKdOVSW2XGRuBA7Homg4ozDT1Lm02vKVLCAq6HxkQ&sig=Cg0ArKJSzOsRWNxrSr5yEAE&urlfix=1&adurl=
Frame ID: 58421943F0938AD33034D07EE201CDDA
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssalA2cL86kqsbUpl7k26ehO-eY-i3aHyoHuGcoCK3LJ7ARcbwSmLY9j2hFFJ3fBFYbUtPna4mtxt-_7hr1wnJEBKc4G0hQ60hX5mNDfBg5bCaGaLtuVjeiHphzTGFmwexGE0rif6TsnRloqrblQ7wxO4GgK823Lp_rhlcCt9lLJ-BuFpPUM13kziGM_YfmJImdo55kr4wKGIY32bf6CeCXHn8hdJLLO9wYL24b8WRRhVxo7ci_XYIjFs5XrUST9z-Fz7CVUhT2UmEfvEYIbjxlb2xX6nIKYJXE8Y1BEO9-gUMdVaiqORhRhU-dvqitDupfapwvV6jysbDgS3s&sig=Cg0ArKJSzGtGOawLeBUDEAE&urlfix=1&adurl=
Frame ID: 108D219BBF94E22E5FB813C5AF0C8780
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 911547EEDD2D8B9D0337EB46B6A5D7EC
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: CCDB94130A0F237394A81481F100C14C
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE0ACB6623A738F7BCDC683190A52885
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2392827D34B1D411A66D6C7F721DBB50
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 40280079DAB818E5B5C17D6F303BE2E9
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E1D8915D0A3C03DB5AD967BD4D72195C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 708C2354AE910EEA8542EF2098AD180C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: BA69F182E487461E9AD89D42527041CC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlr28P_EI1unHLtYAL_zJuDFXBqhLFZa9MEmyOb-9nxMs3AqPMGtFn_tlL7fJ8CleWPBVkNACRRtbX6bsyl1-OgBafaeSTjHguTe8Tj79jdg0yJFj1TUf29ZFdoumzl3XUi9twCUTJ2Cn9BRrcPoP7Yg8b2HL32sncoX6qhF72jjIUshk1fJDKzZ6zcL-7v2Z7-6XrK5aZXSFCZX1a4Uq7he3loMAo2QCVheD_j6-XfWgDJIXHWABk_kPxynN6npYIfSsnwnUv8njUs0ifl9RL6GrPbl5clh5dkDE98H4Bc6vIXLBWBIS6pxMDiMVZAaXPHQ9jSLEk3Q&sig=Cg0ArKJSzHnYWun4vaRPEAE&adurl=
Frame ID: F587EA4FA438DD57199464F7176C3736
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
Frame ID: 233C35BDCF478ADE6DD1A13122CFA2BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
Frame ID: 6800DB3AA7348B1CEDC5E81A3487A322
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F7D90A44FCF5FEB40F5C8BE450459C40
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
Frame ID: 9BF54F6DF635D3EFDC5767EB03AF5D07
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
Frame ID: 7DE0DAC58E651928417FC27BD62DD8CB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 952F064AC2C028995F9A3F6063E93FD1
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BF514E0EE72AEB35D880F044E615E64A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BD20A27F120C3C257B68BD45AA784F4C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9728BA9AB25A22FB9ABD370981E473C7
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4R8svPhrQeREjakKlZZf7VtuGz00PDbhwadoQYoUQS5Jrz6omQObXwzRppSGUIIcUoSmh3piXQ0dIuMd6AR0cKVayB6ErNBwR263oRO5AX9qOn0yXHk-SyCK27FUk1NdxcoRFI7B47VI7zi2Z6INWeXPoX5XLNFr4QYjKP0Y4GN1iHuboovPPFh1WUVjaXqRutHQDqkQO90szrUePf1m9DsoIymDrhZzKCFgOFk5GNaTlqNVspMtta3lwB9vVWaze7v5I25pjY8-Gx9ihDHtnHdsc74JgjhlYr6oXKE9DQLAoseE&sig=Cg0ArKJSzFwfZw_edU1vEAE&urlfix=1&adurl=
Frame ID: C9B70C9E87884141C04234F86B97FC21
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 36412D4290D7E1465EC6D198D279FE37
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 518110E86CD7467EEAE4A4907EF8B9E1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F468AC5B569E5D4084A08FCAF7AC9E6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 3275796FEAEBA4AD78B133C5EF3036E3
Requests: 18 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
Frame ID: F48C28877FAFFF2B12F4A10D36CECE4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: C6190BD5BBB4656C10BA6ED2EC1D287B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
Frame ID: 17AD7060C52BBE9A3F9FB8E364F1A6A7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: EA0D0438E6086BD6233409B3C8231051
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CEB944C9BDFEDB908DA8CA7D31204DFE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 639E087ACF7BDC87BAA6DA8053786D5B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
Frame ID: BD7DA8927F5A47BEB015EECDCE7A1BDB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 34F38BFBE96C8D50A0178F7006E13CB7
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 2A1EE291C09E8278BAB3EA51C890F276
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
Frame ID: C0C6C64C6271D04AD9F9F00D578C6EE5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 8FF2E2DB13B25B8999148CCAE6C536DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
Frame ID: D6D0DDA5500881FDA3399E1766248422
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
Frame ID: B5289372EC1A02A359083444CC7BA046
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 91011EA6CA8D69AE126B56C0BB890122
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 6EF29CD36ED5C5215CB2BA7954F11BB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 0BF555CCF92921EDCDD510170169BB7B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED5C46C685ACB66D7DE3D1F122A98D09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

409
Requests

99 %
HTTPS

31 %
IPv6

85
Domains

122
Subdomains

86
IPs

12
Countries

3920 kB
Transfer

12045 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HbdZxXxIelNwSzRiTTI0dTBuQ0htTUlNTHdJaTJ5MlpoYllxcGsveC9iSlFFVFFRandSV1BPVWJmSEtNU3VpelkrdlRCZG56bWZwQWEwZDZzTGdrbjl0dWxUay9md0xQMTVsMzRJYkNSNFJSeGNLdjg2WEY3S01VSkxqUWxXQWM3aFRJc01uVFdTU2ZuczQ0dllnMFVxc0EycHNidGR6bTNQQ2ZsdXhyVmZNeTVuWTAwRFE0SFh1WWlJSjVETnlrZ1BNZ24vcHdUeTUzTkRXR1BhVFdUTzBoSDlRQUZXZWNrTUJoYU1Wdnc5QVBuU3ZVPXw&cppv=2
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rvnGYMHNGJT3gAf_gZs4&sscte=1&crd=&eitems=ChEI8NmWhgYQruSrxuLU0aOgARIdAIiQ94z1zehLtVEe1mcSvO9Gxkih0beDVcPsje4 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rvnGYMHNGJT3gAf_gZs4&cid=CAQSKQCNIrLMzjGHhQNhNSXmrP7_UU_FyQqLIPpZaqbrm-5lyrvzlgJ04jf9&eitems=ChEI8NmWhgYQruSrxuLU0aOgARIdAIiQ94zYlolh5MnEVoBEGSxxZfrHB1TGIjDwafU&random=1144999242&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rvnGYMHNGJT3gAf_gZs4&cid=CAQSKQCNIrLMzjGHhQNhNSXmrP7_UU_FyQqLIPpZaqbrm-5lyrvzlgJ04jf9&eitems=ChEI8NmWhgYQruSrxuLU0aOgARIdAIiQ94zYlolh5MnEVoBEGSxxZfrHB1TGIjDwafU&random=1144999242&resp=GooglemKTybQhCsO&ipr=y
Request Chain 84
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Request Chain 152
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623652784284 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623652784284 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=4238030769023193479&type=cookie&itmcb=1623652784284
Request Chain 193
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
Request Chain 194
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
Request Chain 196
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
Request Chain 197
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX19rN0JqZk1BQURLYWJ2cXYyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA__k7BjfMAADKabvqv2g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6683934870527725497 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA__k7BjfMAADKabvqv2g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6683934870527725497%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=6683934870527725497&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA__k7BjfMAADKabvqv2g&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O-trPu5mR5qhE60VbSqFhQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 199
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c18460c6-f9b1-4500-8e41-815624057569
Request Chain 200
  • https://pixel.onaudience.com/?partner=214&mapped=3BEB6B3E-EE66-479A-A113-AD156D2A8585 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6c16abb3d0e9114556947689f526c5f0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=3cbe2ceb-017c-4329-a88c-e8b3505c211e&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a262c5e9d136a2c6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zcluid=a262c5e9d136a2c6&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zcluid=a262c5e9d136a2c6&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJEePblpTJWo6nxhf_wRwow&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zcluid=a262c5e9d136a2c6&zdid=1332
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JFQjZCM0UtRUU2Ni00NzlBLUExMTMtQUQxNTZEMkE4NTg1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAAKJvflXgLTtoxRKvRL5ZY&google_cver=1
Request Chain 204
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&gdpr=0&gdpr_consent=
Request Chain 205
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1440206410165877309
Request Chain 206
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cbe2ceb-017c-4329-a88c-e8b3505c211e
Request Chain 207
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4238030769023193479&gdpr=0&gdpr_consent=
Request Chain 209
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G41rBBBE2uWLdHMgXvMr84owcnz0W.E-~A&gdpr=0&gdpr_consent=
Request Chain 210
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT
Request Chain 211
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMb5tAABhJ8d4QBg HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMb5tAABhJ8d4QBg&gdpr=0&gdpr_consent=&_test=YMb5tAABhJ8d4QBg
Request Chain 212
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=ac1d81ff-871a-4c4d-bc64-065ac94db0e5&ssp=pubmatic&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 213
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2731647555875736110&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 215
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d3f70248-b0e6-45ad-a70d-1d879eb727ef&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 216
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&gdpr=0&gdpr_consent=
Request Chain 232
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=59f060c6-f9b1-4000-919c-a2d15c118453
Request Chain 233
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NSbDrGUvwqoudMOiNHSNqzVwk_gucsKoOy8K0pBL
Request Chain 234
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1440206410165877309
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Request Chain 242
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=680260c6-f9b1-4000-bfe0-ec9d8e1be637
Request Chain 243
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Zmq5sjZjuLR9OLmzNGn35jU86eZ9YuuzNGka0t08
Request Chain 244
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=718171576702452188
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Request Chain 248
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e63e60c6-f9b1-4c00-8395-d283e681b223
Request Chain 249
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3Y1bw42EWsXG31uW2oQVxIiLDc3G3l7Gid-eWMVQ
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7734921317384708750
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Request Chain 288
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Request Chain 289
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Request Chain 291
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348%2526expiration%253D1626244785 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348%26expiration%3D1626244785 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348%26expiration%3D1626244785 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&expiration=1626244785
Request Chain 292
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164
Request Chain 293
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4238030769023193479
Request Chain 300
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Request Chain 303
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Request Chain 304
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=01e1ade7-6ca7-4136-8cbe-b262fe079f5e
Request Chain 305
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06592204006349aacc3ae352&expiration=[EXPIRATION]
Request Chain 306
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60c6f9b47ca5f&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60c6f9b47ca5f
Request Chain 307
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YMb5tAABhKAd7wBg HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMb5tAABhKAd7wBg&_test=YMb5tAABhKAd7wBg
Request Chain 310
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Request Chain 312
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Request Chain 313
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2DF79FBBC614B029EF6A431CA04A6F7
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9cfaef82-acf5-4995-bb60-1076cd0f2390&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&C=1
Request Chain 315
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2731647555875736110
Request Chain 316
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PvF8ziUu1LSGgb5
Request Chain 373
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1002512638 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3cbe2ceb-017c-4329-a88c-e8b3505c211e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
Request Chain 374
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 375
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
Request Chain 378
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 379
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
Request Chain 380
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 382
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
Request Chain 383
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Request Chain 384
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
Request Chain 385
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
Request Chain 387
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&addseg=31
Request Chain 388
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 390
  • https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 391
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4238030769023193479
Request Chain 392
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6
Request Chain 393
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5022bd08-ccdb-11eb-8aef-4b13e082f862&gdpr=0&gdpr_consent=
Request Chain 398
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585 HTTP 302
  • https://a.audrte.com/p

409 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • http://www.sanook.com/
  • https://www.sanook.com/
645 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
91126bd23024bcc95cf11e76e6536b93ac1d1ef6f2307bc611f97a0c929c1378
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:40 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
HIT
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
0
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;

Redirect headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:39 GMT
Content-Type
text/html
Content-Length
151
Connection
keep-alive
Location
https://www.sanook.com/
Strict-Transport-Security
max-age=15724800; includeSubDomains;
styles.e0e44015.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.e0e44015.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 04:24:16 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 04:22:04 GMT
server
Lego Server
age
0
etag
W/"60c2e4ec-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12731410581421376981
accept-ranges
bytes
content-length
7608
expires
Sun, 11 Jul 2021 04:24:16 GMT
38fdbeae34e88c3c48ae9d63cd9aa8c0bd527c6e.e122f107.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/38fdbeae34e88c3c48ae9d63cd9aa8c0bd527c6e.e122f107.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 08:12:31 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
age
6699
ntcoent-length
7115
content-length
1737
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
etag
"60c30c3a-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14300188693820686349
accept-ranges
bytes
expires
Mon, 12 Jul 2021 08:12:31 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 00:30:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6347024678740172871
accept-ranges
bytes
content-length
548
expires
Sat, 10 Jul 2021 00:30:53 GMT
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Jun 2021 06:39:42 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
5760981999269195470
accept-ranges
bytes
content-length
266
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		0
0
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NzMvYmFuZ2tvay5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NzMvYmFuZ2tvay5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
112622e9973f370ad52d62bebb929e22e961f23fe6a1f55f99579d25fa24f79f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:13:07 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10373885826478666728
accept-ranges
bytes
content-length
34774
expires
Wed, 14 Jul 2021 06:13:07 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0ODEvZmxvb29vLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0ODEvZmxvb29vLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
eb62a61163d0dac1fbf6fa43e340ed872eca9ab1377ed4b15d4804de4a74086f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:18:29 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9135520432549697363
accept-ranges
bytes
content-length
7866
expires
Wed, 14 Jul 2021 06:18:29 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjI3NDEvbmV3cHJvamVjdC0yMDIxLTA2LTEwdDEzNTUuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjI3NDEvbmV3cHJvamVjdC0yMDIxLTA2LTEwdDEzNTUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e8436467b72c413f99991d3952ef646b2c963da409bd728f83f86a479a0cbe74

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9460169965647730460
accept-ranges
bytes
content-length
7261
expires
Wed, 14 Jul 2021 05:12:28 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NDEvcF9zcG9ydC0yMDIxLTA2LTE0dDA5MzMwOC4xLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NDEvcF9zcG9ydC0yMDIxLTA2LTE0dDA5MzMwOC4xLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531b434701d61f81d8c01d369d309f34e49be29156ef432f0f4ff3e066a51ed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4755356413721587618
accept-ranges
bytes
content-length
6170
expires
Wed, 14 Jul 2021 05:12:28 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NTMvY29sbGFnZS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NTMvY29sbGFnZS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
99b55458db648927887e86a12c2345c021fc20eab9dacaaa6ceab24e8e25b2c9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15804396639072899266
accept-ranges
bytes
content-length
6002
expires
Wed, 14 Jul 2021 05:12:28 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEwLzE1NTM1MDUvdHVtKDMpLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEwLzE1NTM1MDUvdHVtKDMpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
0be44fe931e5afb75e5ea88fc0177f7a33d328265342cd67860cb89b5bae8dca

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
420685371215907344
accept-ranges
bytes
content-length
4302
expires
Wed, 14 Jul 2021 05:12:28 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MjUvdG9jLXBzZCg2KS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MjUvdG9jLXBzZCg2KS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bd6c3fb45b3ab487787672f998d74fa8c849149538e2aaa54a4c981bb42fd321

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:07:11 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6118238687103310491
accept-ranges
bytes
content-length
5224
expires
Wed, 14 Jul 2021 05:07:11 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjM3MjkvdG5ob21lMTQyLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjM3MjkvdG5ob21lMTQyLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d5737c3b78bc7e3e590bd9955a0dde2d76b0ace243d312e53326bc2f9974a055

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:28 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14608285054230597852
accept-ranges
bytes
content-length
5936
expires
Wed, 14 Jul 2021 05:12:28 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQzNjkvbWV3LmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQzNjkvbWV3LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a87d98db8d2e625fb5c5a63b289373847b0729882d9f3b1efdfb0852dd8a7aa9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:28:56 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17430261385810432980
accept-ranges
bytes
content-length
7537
expires
Wed, 14 Jul 2021 06:28:56 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MTMvc2hpYmEuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MTMvc2hpYmEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
6f449cb6e903f8e3ceaa9a6b7a0302dd23fec5db708e29c8035df6e008d00894

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:07:11 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4255476034094758433
accept-ranges
bytes
content-length
7380
expires
Wed, 14 Jul 2021 05:07:11 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzAwLzE1MDAyODUvaG9tZS1zd2VldC1ob21lLSgxKS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzAwLzE1MDAyODUvaG9tZS1zd2VldC1ob21lLSgxKS5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
949b55a6243955874bb11a7ec835b30d1dc68ddc67a9282a12b5bc87eab0d0c8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 09:59:57 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16305955852667950300
accept-ranges
bytes
content-length
2736
expires
Fri, 09 Jul 2021 09:59:57 GMT
category.js
s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/common/ 		627 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/common/category.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
de018589e83964192bc0b93f0e5845f1b8522ba38e0b32f32eec0059fee05671

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:49 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:44 GMT
server
Lego Server
age
0
etag
W/"60c30c38-9cb2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8500902161800617264
accept-ranges
bytes
content-length
143678
expires
Sun, 11 Jul 2021 07:18:49 GMT
_app.js
s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/ 		329 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d50126f40941fdf368ad2735ddcca8de9736054b64452c8e167068d9ff3f7966

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
337284
server
Lego Server
age
0
etag
W/"60c30c39-52584"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16354655572749926051
accept-ranges
bytes
content-length
67355
expires
Sun, 11 Jul 2021 07:15:05 GMT
webpack-ed8f02f568349b9b99fb.js
s.isanook.com/sr/0/_next/static/runtime/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-ed8f02f568349b9b99fb.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2f395f4fba1edd1dd7579e71e3b76a37b92062ed5d0fe3215edbb09a7f4c7ff9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
28
etag
W/"60c30c3a-1a4d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12647910806365770681
accept-ranges
bytes
content-length
3019
expires
Mon, 12 Jul 2021 10:03:39 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
2
etag
W/"60c30c39-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9342173901826825427
accept-ranges
bytes
content-length
46310
expires
Mon, 12 Jul 2021 10:03:38 GMT
231dba074b3acb49502f48dc8fe87ac2102e269f.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/231dba074b3acb49502f48dc8fe87ac2102e269f.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
age
0
etag
W/"60c30c39-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1412420873724619530
accept-ranges
bytes
content-length
2437
expires
Sun, 11 Jul 2021 07:15:05 GMT
4d7625eb7b93b3067e79b95161f8c0eae0a6c123.72cd02f786ed330dfcb4.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4d7625eb7b93b3067e79b95161f8c0eae0a6c123.72cd02f786ed330dfcb4.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
7663
server
Lego Server
age
0
etag
W/"60c30c39-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
11618227229783977312
accept-ranges
bytes
content-length
2492
expires
Mon, 12 Jul 2021 10:03:38 GMT
15104d9fb99304137da1da4517712eefa829d91d.f730df8e8b37583cb0b9.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/15104d9fb99304137da1da4517712eefa829d91d.f730df8e8b37583cb0b9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:19:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
96272
etag
W/"60c30c39-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9527479581629872307
accept-ranges
bytes
content-length
4839
expires
Sun, 11 Jul 2021 07:19:06 GMT
7cdf05257b2e548d6341e21b7b0d4f96890e8427.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7cdf05257b2e548d6341e21b7b0d4f96890e8427.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
48628
server
Lego Server
age
0
etag
W/"60c30c3a-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9346714199104693112
accept-ranges
bytes
content-length
17703
expires
Sun, 11 Jul 2021 07:15:05 GMT
082b752612d0d784dd388de60090549239aef446.e4725ddb2c84cda01172.js
s.isanook.com/sr/0/_next/static/chunks/ 		150 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/082b752612d0d784dd388de60090549239aef446.e4725ddb2c84cda01172.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
153182
server
Lego Server
age
0
etag
W/"60c30c39-2565e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16906372058978294740
accept-ranges
bytes
content-length
44078
expires
Sun, 11 Jul 2021 07:15:05 GMT
b3575bd676ac9f2adb6479b2916df145c5558fbb.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/b3575bd676ac9f2adb6479b2916df145c5558fbb.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
40871
server
Lego Server
age
0
etag
W/"60c30c39-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16510090159749996578
accept-ranges
bytes
content-length
14025
expires
Sun, 11 Jul 2021 07:15:05 GMT
eb2ea99ac599d86fab0119e62a2a5d0f1810021b.af027d836b2282fda407.js
s.isanook.com/sr/0/_next/static/chunks/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/eb2ea99ac599d86fab0119e62a2a5d0f1810021b.af027d836b2282fda407.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
40360
server
Lego Server
age
95231
etag
W/"60c30c39-9da8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1177715246074038778
accept-ranges
bytes
content-length
12342
expires
Sun, 11 Jul 2021 07:15:05 GMT
eeee793da282b04b97db73c179a290439f43227e.2ecb9e18e02fabaac6c7.js
s.isanook.com/sr/0/_next/static/chunks/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/eeee793da282b04b97db73c179a290439f43227e.2ecb9e18e02fabaac6c7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-f905"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
389409189669828923
accept-ranges
bytes
content-length
19637
expires
Sun, 11 Jul 2021 07:18:46 GMT
32c2826d7d463f3f5baf7903d9b570a40482cdd1.df1b8256edfb641f58c1.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/32c2826d7d463f3f5baf7903d9b570a40482cdd1.df1b8256edfb641f58c1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
28c9dee7d73d99d6c8060ffec9466505dfa7c20780a0b4351aa21d95c775d3bb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-49e2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8087967170972617224
accept-ranges
bytes
content-length
6104
expires
Sun, 11 Jul 2021 07:18:46 GMT
2d78c493cedd33b9adacfe1edf70208ed84f7b42.a8fb52492d8c75ebc0a9.js
s.isanook.com/sr/0/_next/static/chunks/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/2d78c493cedd33b9adacfe1edf70208ed84f7b42.a8fb52492d8c75ebc0a9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2605f455c564da350e89e78c1671e36180559e717367457a623253a9ac6172cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
0
etag
W/"60c30c3a-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12946661163564453300
accept-ranges
bytes
content-length
6857
expires
Sun, 11 Jul 2021 07:18:46 GMT
f710081da6a56584eda05a53f514e3a1a848fc6b.c5fca7a1defe30181f54.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f710081da6a56584eda05a53f514e3a1a848fc6b.c5fca7a1defe30181f54.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
40baa072e8d2fda318d7997982fd82f709bc517e6ccded90d510f5cf0d694c74

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17203451788175124116
accept-ranges
bytes
content-length
3452
expires
Sun, 11 Jul 2021 07:18:46 GMT
5c2ce1b90f5a5547af86098b9935ea82665f5fcb.d2cf53f0a65b4453ffa9.js
s.isanook.com/sr/0/_next/static/chunks/ 		284 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5c2ce1b90f5a5547af86098b9935ea82665f5fcb.d2cf53f0a65b4453ffa9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
95441ab1d14f5ff3b83ed2f068960a5cefb92f0c808b3464af0ca4a4b86ddd93

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
290741
server
Lego Server
age
0
etag
W/"60c30c3a-46fb5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12453334592144291509
accept-ranges
bytes
content-length
50386
expires
Mon, 12 Jul 2021 10:03:39 GMT
77557ee1ad2cbeab3f421b3f4b88a5a1b932160b.db1b049ee320c7a7c3f9.js
s.isanook.com/sr/0/_next/static/chunks/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/77557ee1ad2cbeab3f421b3f4b88a5a1b932160b.db1b049ee320c7a7c3f9.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
30574
server
Lego Server
age
95437
etag
W/"60c30c39-776e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16213957088975575462
accept-ranges
bytes
content-length
7107
expires
Sun, 11 Jul 2021 07:15:05 GMT
styles.0ca305d73607ebe4ae5a.js
s.isanook.com/sr/0/_next/static/chunks/ 		107 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.0ca305d73607ebe4ae5a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 16:22:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 02 Jun 2021 09:37:03 GMT
server
Lego Server
age
232184
etag
"60b7513f-6b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13906655015874696917
accept-ranges
bytes
content-length
107
expires
Tue, 06 Jul 2021 16:22:34 GMT
main-2908131e712561857f39.js
s.isanook.com/sr/0/_next/static/runtime/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 08:14:20 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
age
68343
ntcoent-length
13391
content-length
5063
last-modified
Tue, 08 Jun 2021 07:57:58 GMT
server
Lego Server
etag
"60bf2306-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3326943850121533985
accept-ranges
bytes
expires
Thu, 08 Jul 2021 08:14:20 GMT
5aa15df406396602b179cd01c6224a59e1cf64de.ba405c7daaf7facffe5c.js
s.isanook.com/sr/0/_next/static/chunks/ 		251 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5aa15df406396602b179cd01c6224a59e1cf64de.ba405c7daaf7facffe5c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
256560
server
Lego Server
age
0
etag
W/"60c30c39-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10018196496616359620
accept-ranges
bytes
content-length
19887
expires
Sun, 11 Jul 2021 07:15:05 GMT
ff37df730c7793373376decd03e6beecad49a901.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ff37df730c7793373376decd03e6beecad49a901.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
0
etag
W/"60c30c3a-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11783973965735232743
accept-ranges
bytes
content-length
5447
expires
Mon, 12 Jul 2021 10:03:39 GMT
bd254c9df33cca0a17600841aa713c71dc78bc8b.a75629a2097adec5378c.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/bd254c9df33cca0a17600841aa713c71dc78bc8b.a75629a2097adec5378c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
808f3c02d6505b24bf51b011d778f5bff0293dbae9cd5629de180a9953033a98

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
0
etag
W/"60c30c39-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10582677400893203546
accept-ranges
bytes
content-length
4584
expires
Mon, 12 Jul 2021 10:03:38 GMT
75cd28269567a86fabea054c37dc965d8aab65d0.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/75cd28269567a86fabea054c37dc965d8aab65d0.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6135600005168191664
accept-ranges
bytes
content-length
3936
expires
Sun, 11 Jul 2021 07:18:46 GMT
7d0d8c4a97dd5d31ff602908d972a53646db5957.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ 		212 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7d0d8c4a97dd5d31ff602908d972a53646db5957.901184d07d2ed5be15bd.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
573910485055674101
accept-ranges
bytes
content-length
48376
expires
Sun, 11 Jul 2021 07:18:46 GMT
ead303fed4cd688baabd88169095391e68ae01fb.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ead303fed4cd688baabd88169095391e68ae01fb.6fe0d2db4ad1278b3e1b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:23:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
age
96042
ntcoent-length
15402
content-length
3673
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
etag
"60c30c3a-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
418923671646404827
accept-ranges
bytes
expires
Sun, 11 Jul 2021 07:23:28 GMT
6351332d16a43db46073e2a55785ed28a6e76188.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/6351332d16a43db46073e2a55785ed28a6e76188.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
34596
server
Lego Server
age
96281
etag
W/"60c30c39-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7214991582948727973
accept-ranges
bytes
content-length
8098
expires
Sun, 11 Jul 2021 07:15:05 GMT
ac4e64ed3831744c000de578960cb434b1ac9c7b.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ac4e64ed3831744c000de578960cb434b1ac9c7b.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
5823
server
Lego Server
age
0
etag
W/"60c30c39-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
17641747604290182750
accept-ranges
bytes
content-length
2659
expires
Sun, 11 Jul 2021 07:15:05 GMT
ab6616f735c410e0590c1cf4ae61b8096b09faad.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab6616f735c410e0590c1cf4ae61b8096b09faad.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
29385
server
Lego Server
age
96281
etag
W/"60c30c39-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
381513857953325145
accept-ranges
bytes
content-length
5322
expires
Sun, 11 Jul 2021 07:15:05 GMT
38fdbeae34e88c3c48ae9d63cd9aa8c0bd527c6e.d78986082232a551f17b.js
s.isanook.com/sr/0/_next/static/chunks/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/38fdbeae34e88c3c48ae9d63cd9aa8c0bd527c6e.d78986082232a551f17b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
53732
server
Lego Server
age
96294
etag
W/"60c30c3a-d1e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13053377054673848619
accept-ranges
bytes
content-length
14349
expires
Sun, 11 Jul 2021 07:15:05 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
df89dd8124d1fb8287620db7097cd5102c2a7c6a6c8e009c98300cd2f2de6086

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
4893
server
Lego Server
age
0
etag
W/"60c30c38-131d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
12676988229540318593
accept-ranges
bytes
content-length
1743
expires
Sun, 11 Jul 2021 07:15:05 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
server
Lego Server
etag
W/"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10832782239771557295
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
s.isanook.com/sr/0/js/izooto/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 01:22:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
122756
server
Lego Server
age
204068
etag
W/"PSA-aj-4UqXOPMF_n"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10673214514701050707
accept-ranges
bytes
content-length
34490
expires
Sat, 10 Jul 2021 01:07:17 GMT
gtm.js
www.googletagmanager.com/ 		133 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b43d9136d2689ffdaa1aa4468624e6316027ac849d8392c02b7e33d56ba7583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42904
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Jun 2021 06:39:42 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.110 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:42 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz
Last-Modified
Thu, 10 Jun 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-NWS-LOG-UUID
59085247-8efb-4ee0-ac86-a3f70e7e60cc
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2946
Expires
Mon, 21 Jun 2021 06:39:41 GMT
a102.js
sal.isanook.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
24035
date
Mon, 14 Jun 2021 06:39:43 GMT
content-encoding
gzip
last-modified
Mon, 10 Aug 2020 09:23:14 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10300
expires
Wed, 14 Jul 2021 06:39:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-fb-rlafr
0
pragma
public
x-fb-debug
35faBpypm+SVrNFTEiRBk7HBYnvcD3dXF9qt2SUA29o2aJdyYsFBgm5lq6+tL7cLx5LoZVG9nTeM79LU5fq0NQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 14 Jun 2021 06:39:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 07:31:00 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Jun 2021 04:46:54 GMT
server
Lego Server
age
0
etag
W/"60c047be-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
11288311925701205461
accept-ranges
bytes
content-length
5683
expires
Fri, 09 Jul 2021 07:31:00 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 08:51:47 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 04 Jun 2021 06:09:41 GMT
server
Lego Server
age
326171
etag
W/"60b9c3a5-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14517053311566704063
accept-ranges
bytes
content-length
4410
expires
Mon, 05 Jul 2021 08:51:47 GMT
covid-bg.png
s.isanook.com/sr/0/images/events/2020/covid2019/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2020/covid2019/covid-bg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 10:05:37 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Jun 2021 04:46:46 GMT
server
Lego Server
age
0
etag
"60c047b6-c8d"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2590889287777182452
accept-ranges
bytes
content-length
3213
expires
Fri, 09 Jul 2021 10:05:37 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 03:42:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 03:31:26 GMT
server
Lego Server
age
0
etag
"60c2d90e-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
13839365120706597079
accept-ranges
bytes
content-length
34924
expires
Sun, 11 Jul 2021 03:42:53 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 03:54:10 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 09 Jun 2021 04:46:45 GMT
server
Lego Server
age
194970
etag
"60c047b5-7a90"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
14129818082617032705
accept-ranges
bytes
content-length
31376
expires
Sat, 10 Jul 2021 03:54:10 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 22:23:27 GMT
x-cache-lookup
Cache Hit
last-modified
Wed, 02 Jun 2021 09:37:06 GMT
server
Lego Server
age
449361
etag
"60b75142-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6900765909841599830
accept-ranges
bytes
content-length
32244
expires
Sat, 03 Jul 2021 22:23:27 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:13:01 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1896b8-5c44bd063c1a9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=37277
accept-ranges
bytes
content-type
text/javascript
content-length
198970
expires
Mon, 14 Jun 2021 17:00:59 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=yA1RX46rXb%2bDzXMUH/wxfQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=52E532D1.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.110 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:42 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
no-cache
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
d0c07f7d-5b5b-4102-b5d5-2327d15d15d8
Connection
keep-alive
Content-Type
image/jpeg
1489944661112333
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75784
x-xss-protection
0
pragma
public
x-fb-debug
riiwv+MoFBrEEnrUaKiNzn8dBRQNByjh33T3w/P8Cc0mhN3eWWekCREcvylsPXIfBr0qcBj3HB20CDiMcQ6pAg==
date
Mon, 14 Jun 2021 06:39:42 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
902
date
Mon, 14 Jun 2021 06:24:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 14 Jun 2021 08:24:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3ac71c3ae051581f7cf3ecefdb030e36b15501920e0584c10a84167d516540ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13990
x-xss-protection
0
server
cafe
etag
17037312688149531852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Jun 2021 06:39:42 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1623652782283&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623652782281.2029814937&it=1623652782246&coo=false&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 14 Jun 2021 06:39:42 GMT
js
www.google-analytics.com/gtm/ 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=1786900154.1623652782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13701a9edcbf0de7608478665d67de5afe837af2ffc4afcf4de8e5a4e420bbc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36813
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:42 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1869417839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1217864925&gjid=1836356023&cid=1786900154.1623652782&tid=UA-8147095-6&_gid=839044505.1623652782&_r=1&gtm=2wg690PNXLXRS&cd4=0&cd12=1623652782325.7yxhy2tn&cd22=firstpage&cd23=indexpage&z=1532393119
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-8147095-6&cid=1786900154.1623652782&jid=1217864925&gjid=1836356023&_gid=839044505.1623652782&_u=aGDAAEACQAAAAC~&z=1125705677
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Jun 2021 06:39:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1623652782356&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
6641fbba44321ca6bbc3b7869ffb57abc001b66dd0d7cd57a265caf4ab1b1399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1007499765/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1623652782356&cv=9&fst=1623652782356&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1623652782363&cv=9&fst=1623652782363&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47e3fce67e64855fd3ac642f05d9ae116000277749f4ffea0f657132aa5bd293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=1786900154.1623652782&jid=1217864925&_u=aGDAAEACQAAAAC~&z=49739865
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-8147095-6&cid=1786900154.1623652782&jid=1217864925&_u=aGDAAEACQAAAAC~&z=49739865
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1706
date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=HbdZxXxIelNwSzRiTTI0dTBuQ0htTUlNTHdJaTJ5MlpoYllxcGsveC9iSlFFVFFRandSV1BPVWJmSEtNU3VpelkrdlRCZG56bWZwQWEwZDZzTGdrbjl0dWxUay9md0xQMTVsMzRJYkNSNFJSeGNLdjg2WEY3S01VSkxqUW...
355 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HbdZxXxIelNwSzRiTTI0dTBuQ0htTUlNTHdJaTJ5MlpoYllxcGsveC9iSlFFVFFRandSV1BPVWJmSEtNU3VpelkrdlRCZG56bWZwQWEwZDZzTGdrbjl0dWxUay9md0xQMTVsMzRJYkNSNFJSeGNLdjg2WEY3S01VSkxqUWxXQWM3aFRJc01uVFdTU2ZuczQ0dllnMFVxc0EycHNidGR6bTNQQ2ZsdXhyVmZNeTVuWTAwRFE0SFh1WWlJSjVETnlrZ1BNZ24vcHdUeTUzTkRXR1BhVFdUTzBoSDlRQUZXZWNrTUJoYU1Wdnc5QVBuU3ZVPXw&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4937f429deda4a15ffebd97aa3490c62df9cc023a46a734a8021402b77cfa407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 14 Jun 2021 06:39:42 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2098
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Jun 2021 06:39:42 GMT
location
https://mug.criteo.com/sid?cpp=HbdZxXxIelNwSzRiTTI0dTBuQ0htTUlNTHdJaTJ5MlpoYllxcGsveC9iSlFFVFFRandSV1BPVWJmSEtNU3VpelkrdlRCZG56bWZwQWEwZDZzTGdrbjl0dWxUay9md0xQMTVsMzRJYkNSNFJSeGNLdjg2WEY3S01VSkxqUWxXQWM3aFRJc01uVFdTU2ZuczQ0dllnMFVxc0EycHNidGR6bTNQQ2ZsdXhyVmZNeTVuWTAwRFE0SFh1WWlJSjVETnlrZ1BNZ24vcHdUeTUzTkRXR1BhVFdUTzBoSDlRQUZXZWNrTUJoYU1Wdnc5QVBuU3ZVPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1640
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"902 / 672 of 1000 / last-modified: 1623449339"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21293
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:42 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1623652782363&cv=9&fst=1623650400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=2926323375&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1623652782363&cv=9&fst=1623650400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=2926323375&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rvnGYMHNGJT3gAf_gZs4&cid=CAQSKQCNIrLMzjGHhQNhNSXmrP7_UU_FyQqLIPpZaqbrm-5lyrvzlgJ04jf9&eitems=ChEI8NmWhgYQruSrxuLU0aOgARIdAIiQ94zYlolh5MnEVoBEGSxxZfrHB1TGIjDwafU&random=1144999242&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=1162153147&cv=9&fst=1623652782356&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg690&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rvnGYMHNGJT3gAf_gZs4&cid=CAQSKQCNIrLMzjGHhQNhNSXmrP7_UU_FyQqLIPpZaqbrm-5lyrvzlgJ04jf9&eitems=ChEI8NmWhgYQruSrxuLU0aOgARIdAIiQ94zYlolh5MnEVoBEGSxxZfrHB1TGIjDwafU&random=1144999242&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021060801.js
securepubads.g.doubleclick.net/gpt/ 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114129
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:42 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HbdZxXxIelNwSzRiTTI0dTBuQ0htTUlNTHdJaTJ5MlpoYllxcGsveC9iSlFFVFFRandSV1BPVWJmSEtNU3VpelkrdlRCZG56bWZwQWEwZDZzTGdrbjl0dWxUay9md0xQMTVsMzRJYkNSNFJSeGNLdjg2WEY3S01VSkxqUWxXQWM3aFRJc01uVFdTU2ZuczQ0dllnMFVxc0EycHNidGR6bTNQQ2ZsdXhyVmZNeTVuWTAwRFE0SFh1WWlJSjVETnlrZ1BNZ24vcHdUeTUzTkRXR1BhVFdUTzBoSDlRQUZXZWNrTUJoYU1Wdnc5QVBuU3ZVPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
994
date
Mon, 14 Jun 2021 06:39:41 GMT
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypAXiWj41b244wBSL

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 14 Jun 2021 06:39:42 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:36:45 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
177
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
OTuLwbne3_d7CcdVep-snX6xSc-2njIyCXJod80vaS3RGb0ibQueAw==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=465721
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3222
Expires
Sat, 19 Jun 2021 16:01:43 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:43 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
3B_tU4U7XwX9oKZxeXr7Ir3Mggl70FkqRL3qFMVoGx9y1eM7KDKfWA==

Redirect headers

date
Mon, 14 Jun 2021 06:39:43 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1623652783023&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
content-length
433
x-amz-cf-id
qn266lCyXFDQaFwDJ6FJDwv4kZp27zCXARCczpr8VkqBS679OpIr1w==
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=439623
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Sat, 19 Jun 2021 08:46:46 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=397395
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Fri, 18 Jun 2021 21:02:58 GMT
/
avd.innity.com/dc/cb/ 		59 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
392be8fc24902e49c54400eda11d69bb116c680d89df6c379197a1145eb1abad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 14 Jun 2021 06:39:43 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 5C78 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.izooto.com
:scheme
https
:path
/scripts/sak/iz_setcid.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

date
Mon, 14 Jun 2021 06:39:43 GMT
content-type
text/html; charset=UTF-8
last-modified
Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection
1; mode=block
cf-cache-status
HIT
age
1848922
expires
Thu, 15 Jul 2021 06:39:43 GMT
cache-control
public, max-age=2678400
cf-request-id
0aaad86e79000018e5fe8d9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65f1902a5b7118e5-FRA
content-encoding
br
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ 		376 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-ed8f02f568349b9b99fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 01:35:55 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
0
etag
W/"60c30c3a-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17009914956630995536
accept-ranges
bytes
content-length
108222
expires
Wed, 14 Jul 2021 01:35:55 GMT
a7e7d9dd.29101f59d4b366d42e27.js
s.isanook.com/sr/0/_next/static/chunks/ 		276 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.29101f59d4b366d42e27.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-ed8f02f568349b9b99fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
283103
server
Lego Server
age
2
etag
W/"60c30c39-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9357288065940905895
accept-ranges
bytes
content-length
65434
expires
Mon, 12 Jul 2021 10:03:38 GMT
JooxPlayer.67af19cc9c9f7e92c734.js
s.isanook.com/sr/0/_next/static/chunks/ 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.67af19cc9c9f7e92c734.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-ed8f02f568349b9b99fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 09:12:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Jun 2021 04:46:42 GMT
server
Lego Server
age
0
etag
W/"60c047b2-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13121434201316926147
accept-ranges
bytes
content-length
90368
expires
Fri, 09 Jul 2021 09:12:02 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 7EF8 		236 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Mon, 14 Jun 2021 06:31:41 GMT
x-page-speed
1.13.35.2-0
cache-control
no-cache, max-age=0
age
482
accept-ranges
bytes
server
Lego Server
x-cache-lookup
Cache Miss Hit From Inner Cluster
content-encoding
gzip
content-length
186
x-nws-log-uuid
9240074509464886031
/
api.u1sf.com/geoip2/code/ 		160 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1623652783981_32624
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/77557ee1ad2cbeab3f421b3f4b88a5a1b932160b.db1b049ee320c7a7c3f9.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.94.198 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-198.static.asianet.co.th
Software
/
Resource Hash
e498a2ebbfff35477db91350665710aa901d16336483a5cb9c2823e73b7e5394

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Mon, 14 Jun 2021 06:39:45 GMT
Age
0
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
160
116.7de05d8ed63e34b7489e.js
s.isanook.com/sr/0/_next/static/chunks/ 		301 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/116.7de05d8ed63e34b7489e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-ed8f02f568349b9b99fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 03:11:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Tue, 08 Jun 2021 11:28:25 GMT
server
Lego Server
age
0
etag
W/"60bf5459-4b31f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
996894689264792046
accept-ranges
bytes
content-length
99853
expires
Fri, 09 Jul 2021 03:11:27 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ 		142 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13530439
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/7d0d8c4a97dd5d31ff602908d972a53646db5957.901184d07d2ed5be15bd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 16:19:59 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13538860445149824968
accept-ranges
bytes
content-length
142
expires
Tue, 13 Jul 2021 16:19:59 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=71586337002
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:44 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=82577008324
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
latest.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 		116 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/latest.json?1623652783982
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
80f32c724a3ad590cf7f4de8f379d1fd1e86d80bff928ff53ff77820617c048e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
x-cache-lookup
Cache Miss, Hit From Inner Cluster
last-modified
Mon, 14 Jun 2021 06:30:13 GMT
server
Lego Server
age
0
etag
"60c6f775-74"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16017817744268517821
accept-ranges
bytes
content-length
116
expires
Wed, 14 Jul 2021 06:39:44 GMT
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:44 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
ico-policy-2.svg
s.isanook.com/sr/0/images/icon/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-policy-2.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 07:58:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Jun 2021 04:46:48 GMT
server
Lego Server
age
0
etag
W/"60c047b8-3e2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6807459938402213202
accept-ranges
bytes
content-length
994
expires
Fri, 09 Jul 2021 07:58:39 GMT
/
graph.sanook.com/ 		17 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
bc0fa65e660d3375e5c30ba37ba5e7c12284662ea62607a3ccd9bdeda332272b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cteonnt-length
25278
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
last-modified
Mon, 16 Nov 2020 11:46:30 GMT
server
nginx
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10744
expires
Wed, 14 Jul 2021 06:39:44 GMT
c
sal.isanook.com/sa/ 		35 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=892193610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SAAAAAABC~&cid=1469487810.1623652784&tid=SA-8147095-6&cd4=0&cd8=b&z=198359009
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
61.91.94.132 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-94-132.static.asianet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
nginx
content-type
image/gif
cache-control
no-cache, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
35
expires
Thu, 01 Jan 1970 00:00:01 GMT
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=184&cb=91657796002
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=1103574291597028&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623652784&dt=1623652784211&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=345054422&ucis=1&ifi=1&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
969d47b6c2ce2bed1d31c26cf06b0d0855d265bce00899682a51afbd4358e253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4096
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=886225919154054&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623652784&dt=1623652784221&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2209700283&ucis=2&ifi=2&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=132&ohw=130&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8bdc3a26b47deb625f4e0017f21daa2e5760ab2f8599c8f1e14ee1295bd0286b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4710
x-xss-protection
0
google-lineitem-id
5610434112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339427655
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		451 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=1378589259627502&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cthemead&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623652784&dt=1623652784226&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=362149050&ucis=3&ifi=3&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8cf1d62280dd96d147f46d59f387e171a673769005a8923350dca6309d9f7e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213a37a85586941a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22149b395daefbb29%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7cd9887504bab2d8ff316f4deace2c22bff76646a1f7d53600e97cb52aaa21a8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Mon, 14 Jun 2021 06:39:44 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b051a9be-8aec-4784-8383-8a62a93132a1&nocache=1623652784237&aus=300x250&divIds=rgpt-recb-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
88f2cbc38757dd025f854f6045eb74647a12e8c1f7ab5d08f603adc3e4878701

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b1eb6aaa7bf55df75bdcd750d41cbd945bd03691ece48655fb6a0a24c01574b4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.228:80
AN-X-Request-Uuid
1bb0bb38-af79-4f3b-9677-817db2d12f3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 14 Jun 2021 06:39:44 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:44 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 09 Jun 2022 06:39:44 GMT
pixel.gif
static.criteo.net/images/ 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 09 Jun 2022 06:39:44 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b0e6dc98-109b-4e07-b373-8f1a28e9a2fd&nocache=1623652784247&aus=1130x250%2C1090x250%2C970x250%2C1x1&divIds=rgpt-billboard-6&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
ed40cd22625566ae2d59c2da002984922abc97f011ef058cfdb2a5e490b47723

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/ 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
cygnus
htlb.casalemedia.com/ 		25 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223107dca18101477%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232d7e0d70c0659%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233b2afe2c527f8c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2234dac8fb7f0ff87%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235cee55d4d04e1e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1f228b938fb722eb0ca1755ade87e3bf24147e0355643bf51145412f8e7d2dd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Mon, 14 Jun 2021 06:39:44 GMT
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 14 Jun 2021 06:39:44 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
entry.js
s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/common/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/common/entry.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:19:06 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:44 GMT
server
Lego Server
age
96273
etag
W/"60c30c38-9c11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1580252272330171976
accept-ranges
bytes
content-length
9914
expires
Sun, 11 Jul 2021 07:19:06 GMT
5aa15df406396602b179cd01c6224a59e1cf64de.ba405c7daaf7facffe5c.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5aa15df406396602b179cd01c6224a59e1cf64de.ba405c7daaf7facffe5c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
256560
server
Lego Server
age
0
etag
W/"60c30c39-3ea30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12965718923568001956
accept-ranges
bytes
content-length
19887
expires
Sun, 11 Jul 2021 07:15:05 GMT
ff37df730c7793373376decd03e6beecad49a901.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ff37df730c7793373376decd03e6beecad49a901.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:39 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
age
0
etag
W/"60c30c3a-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
6023920955394341752
accept-ranges
bytes
content-length
5447
expires
Mon, 12 Jul 2021 10:03:39 GMT
bd254c9df33cca0a17600841aa713c71dc78bc8b.a75629a2097adec5378c.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/bd254c9df33cca0a17600841aa713c71dc78bc8b.a75629a2097adec5378c.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
13459
server
Lego Server
age
0
etag
W/"60c30c39-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14284707077900586847
accept-ranges
bytes
content-length
4584
expires
Mon, 12 Jul 2021 10:03:38 GMT
75cd28269567a86fabea054c37dc965d8aab65d0.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/75cd28269567a86fabea054c37dc965d8aab65d0.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
13543848249128680510
accept-ranges
bytes
content-length
3936
expires
Sun, 11 Jul 2021 07:18:46 GMT
7d0d8c4a97dd5d31ff602908d972a53646db5957.901184d07d2ed5be15bd.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/7d0d8c4a97dd5d31ff602908d972a53646db5957.901184d07d2ed5be15bd.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:18:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
0
etag
W/"60c30c39-3519a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
4331490301094370763
accept-ranges
bytes
content-length
48376
expires
Sun, 11 Jul 2021 07:18:46 GMT
ead303fed4cd688baabd88169095391e68ae01fb.6fe0d2db4ad1278b3e1b.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ead303fed4cd688baabd88169095391e68ae01fb.6fe0d2db4ad1278b3e1b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:23:28 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
age
96042
ntcoent-length
15402
content-length
3673
last-modified
Fri, 11 Jun 2021 07:09:46 GMT
server
Lego Server
etag
"60c30c3a-3c2a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13202885374743954576
accept-ranges
bytes
expires
Sun, 11 Jul 2021 07:23:28 GMT
ac4e64ed3831744c000de578960cb434b1ac9c7b.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ac4e64ed3831744c000de578960cb434b1ac9c7b.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:15:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
5823
server
Lego Server
age
0
etag
W/"60c30c39-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7350082589370482761
accept-ranges
bytes
content-length
2659
expires
Sun, 11 Jul 2021 07:15:05 GMT
d150df3a0372a1c6f2336fcdb01378e099558d1a.b68d17254e59e1fe0b22.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/d150df3a0372a1c6f2336fcdb01378e099558d1a.b68d17254e59e1fe0b22.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-2908131e712561857f39.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 07:28:23 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 11 Jun 2021 07:09:45 GMT
server
Lego Server
age
95715
etag
W/"60c30c39-474f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18369480612632963559
accept-ranges
bytes
content-length
4248
expires
Sun, 11 Jul 2021 07:28:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=181688776776633&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cnative1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=257x240&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623652784&dt=1623652784260&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=1088&adys=1797&adks=2250919550&ucis=4&ifi=4&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=257x0&msz=257x0&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
07aed17dc2f45a983f81b275c168d11b3fe762d356516f1bf571f1495225a7fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11913
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7B9E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33161
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0B70 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33161
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 167D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33161
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:44 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0051 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33161
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:44 GMT
vary
Accept-Encoding
arj
tencentth-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d9cb49c5-0c8a-462c-953d-6ac9acbbf1d8&nocache=1623652784273&aus=300x250%2C257x240%2C300x125&divIds=rgpt-reca-8&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
da864b4fb1600ad5ae6491b5e72adcf63432e8543bea02beb7266aa479771bb4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 14 Jun 2021 06:39:44 GMT
cygnus
htlb.casalemedia.com/ 		25 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22466f57a60c0173b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2247bfcbb4c6fa3dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248347201c9dcf6c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249e682e2da7624%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8254d406442f130ae4253d400abb50c2a7083b737757abd530d78480a69075d2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.140], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Mon, 14 Jun 2021 06:39:44 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1c829c9313915d46081658224cf9eac0f339c0bde3ebd5849f170808c9724124
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.228:80
AN-X-Request-Uuid
f428043a-60e6-4d9d-ac02-9e37c9cf54db
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:42 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Mon, 14 Jun 2021 06:39:43 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
avd.innity.com/dc/ 		43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=d558d85dfb542965f28e90430f14fa29&cb=1623652784284&douid=&sess=94108552.225.1623652784282&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Last-Modified
Mon, 14 Jun 2021 06:39:44 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1623652784284
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Favd.innity.com%252Fsync%252F%253Fpartner%253Dappnexus%2526token%253D%2524UID%2526type%253Dcookie%2526itmcb%253D1623652784284
  • https://avd.innity.com/sync/?partner=appnexus&token=4238030769023193479&type=cookie&itmcb=1623652784284
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=4238030769023193479&type=cookie&itmcb=1623652784284
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Last-Modified
Mon, 14 Jun 2021 06:39:44 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.11:80
AN-X-Request-Uuid
fe9dded7-dde0-40b4-a588-bef01553c44e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=4238030769023193479&type=cookie&itmcb=1623652784284
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=d558d85dfb542965f28e90430f14fa29&type=cookie&itmcb=1623652784284
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Last-Modified
Mon, 14 Jun 2021 06:39:44 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5842 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZI-ceNT5ht1zV44BV7NnDNUXTI1vxu0S38_xHeUa6dlmn387EXa4Bpyx4vR3KpzV_AYExQ7UvQVlJyclwehs_25IxVXsFFZMKXyN118Bqgh6XFKcb4LHU0FxdGSAkZKkwoZvJVmA97HV0W3DMrc1GCyImzLNiAhrdpXqaT4VYWbx8i5HASs4hAHSwB1jfIeiLgQWojkiFbxyFj1TG5nGWiBMW3U_fe8HnnWY-dz_cs_7xlfPhSO4dwbMfZtRhzWyq665geq1swJNAoTDr36_UsfXPogwLAfnkbCrKdOVSW2XGRuBA7Homg4ozDT1Lm02vKVLCAq6HxkQ&sig=Cg0ArKJSzOsRWNxrSr5yEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5842 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
8f95d222e7d69ea62172fa291feb6c08c6842a3dd5ce2ad874d07e2499fed799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"902 / 220 of 1000 / last-modified: 1623449339"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21290
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5842 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410781212720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28237
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
2021-06-14.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 		35 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/2021-06-14.json?1623652783982
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
56bf6c003da89bf70ce77f111c997190c8b1e660913d2f30418c3e8a73287288

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Hit From Inner Cluster
last-modified
Mon, 14 Jun 2021 06:30:13 GMT
server
Lego Server
age
0
etag
"60c6f775-8a48"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
2769331780230825180
accept-ranges
bytes
expires
Wed, 14 Jul 2021 06:39:44 GMT
affc285f-c5a0-41a2-a837-722cb2c9e826
https://www.sanook.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sanook.com/affc285f-c5a0-41a2-a837-722cb2c9e826
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 108D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssalA2cL86kqsbUpl7k26ehO-eY-i3aHyoHuGcoCK3LJ7ARcbwSmLY9j2hFFJ3fBFYbUtPna4mtxt-_7hr1wnJEBKc4G0hQ60hX5mNDfBg5bCaGaLtuVjeiHphzTGFmwexGE0rif6TsnRloqrblQ7wxO4GgK823Lp_rhlcCt9lLJ-BuFpPUM13kziGM_YfmJImdo55kr4wKGIY32bf6CeCXHn8hdJLLO9wYL24b8WRRhVxo7ci_XYIjFs5XrUST9z-Fz7CVUhT2UmEfvEYIbjxlb2xX6nIKYJXE8Y1BEO9-gUMdVaiqORhRhU-dvqitDupfapwvV6jysbDgS3s&sig=Cg0ArKJSzGtGOawLeBUDEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 108D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
/
graph.sanook.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getJooxBannersQuery&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%229d7bf40fa4e39e4e741ae8d00d5c35059c84ee45%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
88098bfcf6d26f4e9a3d9bbfcd845907013e74d9bb6feda2e2eba998848c6f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getJooxBannersQuery&variables=%7B%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%229d7bf40fa4e39e4e741ae8d00d5c35059c84ee45%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:45 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
o_1eu83pcof1g21aqe4nv1n1g3gib.png
img-as.fsanook.com/files/uploads/ads/dfp/20210211/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20210211/o_1eu83pcof1g21aqe4nv1n1g3gib.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.48 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Thu, 11 Feb 2021 08:37:07 GMT
server
NWS_Oversea_AP
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
09caa99a-4559-42da-935e-e557b406cb09
accept-ranges
bytes
content-length
32418
expires
Wed, 14 Jul 2021 06:39:44 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=3810344898032671&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250%7C1x1&prev_scp=category%3Dall&eri=1&cookie=ID%3D4d4525cab051107a%3AT%3D1623652784%3AS%3DALNI_MYmJlcWhYTHgKYizgQiZsvJMYt0fw&bc=31&abxe=1&lmt=1623652784&dt=1623652784423&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=255&adys=75&adks=2010139517&ucis=5&ifi=5&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H-pBGV--uPQ0eD89RL6T76Ho_6NWLcwrlo3fRqo7Hwb30iVJXWPNkqrb25gTLEuLu0H_hAfvH9PgnmWEsI6nQPWwZcI2pwVk1IcLNqZ-_UUipOAYr-kFho%2CAGkb-H9dBaSDnkOULb6XAWA-qMdekA00LrujyOl8ZExiAyYl_N0o_jyluG_YmlK0F1xAwlaqOf3LiDOAvQ9oNMgviYsZ0Q2wPnd7oKbD64vaSeI%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
b7a52f3cb46e6fd7bc077e1ead202fa0df11bb8feed26db926a9dd17c55fdfbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12745
x-xss-protection
0
google-lineitem-id
5715271852
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138352338854
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=3596165710909131&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Crecb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=category%3Dall&eri=1&cookie=ID%3D4d4525cab051107a%3AT%3D1623652784%3AS%3DALNI_MYmJlcWhYTHgKYizgQiZsvJMYt0fw&bc=31&abxe=1&lmt=1623652784&dt=1623652784429&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=1863&adks=3963815495&ucis=6&ifi=6&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H-pBGV--uPQ0eD89RL6T76Ho_6NWLcwrlo3fRqo7Hwb30iVJXWPNkqrb25gTLEuLu0H_hAfvH9PgnmWEsI6nQPWwZcI2pwVk1IcLNqZ-_UUipOAYr-kFho%2CAGkb-H9dBaSDnkOULb6XAWA-qMdekA00LrujyOl8ZExiAyYl_N0o_jyluG_YmlK0F1xAwlaqOf3LiDOAvQ9oNMgviYsZ0Q2wPnd7oKbD64vaSeI%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
3c0f4bd24f819c687386793a6461563adcca1e5dbe158da308a1b7971fa63aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11544
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7B9E 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53138440&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
129aebf4097c510af9cf9234851278c2f663fd37b7cbd325bc4a9f87548d627c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=892193610&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=839044505.1623652782&_u=AAAAAEABC~&cid=1786900154.1623652782&tid=DC-8147095-6&z=350402966
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.130.71 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
71.130.151.203.sta.inet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Powered-By
ARR/3.0
Content-Length
0
truncated
/ Frame 108D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16b12197fe58095998769413b6fff5a1870807dcd93cff2fe1cb9aafc16ca3cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 108D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZFnvwL9BYBrMusLcnGvafNMGWGd2ov3B9cVeCUFII_GlMjFiNObEboYzOpDzIvGHDUqDx11xF5b6HRJXbqLYj0XthSWJcfKHO0B_Qps7WZka_DNOlaZHjoihgvrDK5M88e44LKQNwTOw6OhTfzHO3bM6EOUeZkPAqZFFp2gpIokaj-iXXXa906u9KghoENXARb4ByG-p_c6SnThX3NxmIV3t072WR729BzdF11NKWmJnkIKFsQcvAy1I5P83ukDStXUAnfcGRlJPS5BT7bowheZWhh1T8hK15eQrmVIwsUTbZhBTIiEOYZb8Fe8MFdbz7nm2GE4g5RP_QDMMifA&sig=Cg0ArKJSzLAyWFA2ib67EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Jun 2021 06:39:44 GMT
pd
eu-u.openx.net/w/1.0/ Frame 9115 		668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
5d49b7f3daa361234989dbf43745360f9424f7583998a847bde5a5398345efa3

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784; Version=1; Expires=Tue, 14-Jun-2022 06:39:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623652784|gekin0vNiygu; Version=1; Expires=Tue, 29-Jun-2021 06:39:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame CCDB 		668 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
5d49b7f3daa361234989dbf43745360f9424f7583998a847bde5a5398345efa3

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784; Version=1; Expires=Tue, 14-Jun-2022 06:39:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623652784|gekin0vNiygu; Version=1; Expires=Tue, 29-Jun-2021 06:39:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE0A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwsPObhgY4AUABSAEQsPObhgYYAA..; uuid2=4238030769023193479
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 14 Jun 2021 04:37:10 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 14 Jun 2021 06:39:44 GMT
Age
7354
X-Served-By
cache-lga13624-LGA, cache-fra19140-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 49911
X-Timer
S1623652785.598622,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2392 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 14 Jun 2021 06:39:44 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4028 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgIvrdKEAoYASABKAEwsPObhgY4AUABSAEQsPObhgYYAA..; uuid2=4238030769023193479
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 14 Jun 2021 04:37:10 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 14 Jun 2021 06:39:44 GMT
Age
7354
X-Served-By
cache-lga13624-LGA, cache-fra19134-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 48336
X-Timer
S1623652785.604327,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E1D8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 14 Jun 2021 06:39:44 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 708C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 14 Jun 2021 06:39:44 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame BA69 		668 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
5d49b7f3daa361234989dbf43745360f9424f7583998a847bde5a5398345efa3

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=766e23e9-3b24-091f-0837-45f09f63ac63|1623652784; Version=1; Expires=Tue, 14-Jun-2022 06:39:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623652784|gekin0vNiygu; Version=1; Expires=Tue, 29-Jun-2021 06:39:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
text/html
content-length
420
content-encoding
gzip
via
1.1 google
alt-svc
clear
617.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS
p03.id5-sync.com
Software
/
Resource Hash
98c05e23d14f3e41457323395f7527121c7a520233fc770ab0041d93ee6104b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Mon, 14 Jun 2021 06:39:43 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		77 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e23f696040c52a9654736ab6ae1be2e4c44359077c98268cbff6603646e6f40d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.4.192
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		109 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
ee08002d27020b166087a8214f6c79bc4637ef6b0a68d3ca3da2fad05a094046

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 14 Jul 2021 06:39:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		78 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3628474863181208&correlator=2159486562136504&output=ldjh&impl=fif&eid=31060783%2C31061422%2C21064366%2C21068031%2C31061424&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&prev_scp=category%3Dall&eri=1&cookie=ID%3D4d4525cab051107a%3AT%3D1623652784%3AS%3DALNI_MYmJlcWhYTHgKYizgQiZsvJMYt0fw&bc=31&abxe=1&lmt=1623652784&dt=1623652784557&dlt=1623652780601&idt=1965&frm=20&biw=1600&bih=1200&oid=3&adxs=1045&adys=924&adks=3191418387&ucis=7&ifi=7&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H-pBGV--uPQ0eD89RL6T76Ho_6NWLcwrlo3fRqo7Hwb30iVJXWPNkqrb25gTLEuLu0H_hAfvH9PgnmWEsI6nQPWwZcI2pwVk1IcLNqZ-_UUipOAYr-kFho%2CAGkb-H9dBaSDnkOULb6XAWA-qMdekA00LrujyOl8ZExiAyYl_N0o_jyluG_YmlK0F1xAwlaqOf3LiDOAvQ9oNMgviYsZ0Q2wPnd7oKbD64vaSeI%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1786900154.1623652782&ga_sid=1623652784&ga_hid=1869417839&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
5d9477366cf7148b4daf6b0eb2b6332bd1400eaee6fce91e24d349831ea6d8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14536
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021060801.js
securepubads.g.doubleclick.net/gpt/ Frame 5842 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114129
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 7EF8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.145 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6652806136951581969
accept-ranges
bytes
content-length
2483
view
securepubads.g.doubleclick.net/pcs/ Frame F587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlr28P_EI1unHLtYAL_zJuDFXBqhLFZa9MEmyOb-9nxMs3AqPMGtFn_tlL7fJ8CleWPBVkNACRRtbX6bsyl1-OgBafaeSTjHguTe8Tj79jdg0yJFj1TUf29ZFdoumzl3XUi9twCUTJ2Cn9BRrcPoP7Yg8b2HL32sncoX6qhF72jjIUshk1fJDKzZ6zcL-7v2Z7-6XrK5aZXSFCZX1a4Uq7he3loMAo2QCVheD_j6-XfWgDJIXHWABk_kPxynN6npYIfSsnwnUv8njUs0ifl9RL6GrPbl5clh5dkDE98H4Bc6vIXLBWBIS6pxMDiMVZAaXPHQ9jSLEk3Q&sig=Cg0ArKJSzHnYWun4vaRPEAE&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame F587 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:33:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Jun 2021 06:33:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame F587 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Jun 2021 06:39:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F587 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
l
www.google.com/ads/measurement/ Frame F587 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGG55rtQQX8BS30hOzLybBWZ9I6HqkgftjOLL6GKuNRMJ4wnGHVlVdqgC3lJxgNaUTakTe63KMu1k2v88uzUn9larZpQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6897399913517630988
tpc.googlesyndication.com/simgad/ Frame F587 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6897399913517630988
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbb7f2eb63570173079762753e2a4a729ba18771d195dace43c73e39efdd02b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:31:35 GMT
x-content-type-options
nosniff
age
180489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121971
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 10:56:23 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires
Sun, 12 Jun 2022 04:31:35 GMT
match
c1.adform.net/serving/cookie/ Frame 233C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1440206410165877309; expires=Fri, 13 Aug 2021 06:39:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Mon, 14 Jun 2021 06:39:44 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 14 Jul 2021 06:39:44 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 6800
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
42 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; chkChromeAb67Sec=1; DPSync3=1624838400%3A219_201_197%7C1623715200%3A174; SyncRTB3=1624838400%3A161_54_71_81_220_3_22_166_55_21_56_7_8_13%7C1624924800%3A35%7C1626220800%3A203%7C1624233600%3A2_15_223%7C1624492800%3A63; KRTBCOOKIE_1101=23040-6973535607355472014; PugT=1623652783; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-8704743018942366899; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:44 GMT; path=/ PugT=1623652784; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:44 GMT; path=/
x-lat
lhrpug018:0:374
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8704743018942366899
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F7D9 		43 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 14 Jun 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1174
date
Mon, 14 Jun 2021 06:39:44 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 9BF5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
42 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; chkChromeAb67Sec=1; DPSync3=1624838400%3A219_201_197%7C1623715200%3A174; SyncRTB3=1624838400%3A161_54_71_81_220_3_22_166_55_21_56_7_8_13%7C1624924800%3A35%7C1626220800%3A203%7C1624233600%3A2_15_223%7C1624492800%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6973535607355472014; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:43 GMT; path=/ PugT=1623652783; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:43 GMT; path=/
x-lat
amspug005:0:517
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6973535607355472014; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6973535607355472014
Pug
image2.pubmatic.com/AdServer/ Frame 7DE0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBX19rN0JqZk1BQURLYWJ2cXYyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA__k7BjfMAADKabvqv2g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6683934870527725497
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAA__k7BjfMAADKabvqv2g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D6683934870527725497%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=6683934870527725497&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAA__k7BjfMAADKabvqv2g&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6; KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; KRTBCOOKIE_279=22890-5022bd08-ccdb-11eb-8aef-4b13e082f862&KRTB&23011-5022bd08-ccdb-11eb-8aef-4b13e082f862; KRTBCOOKIE_860=16335-pVLtIVl2RhJD6Ff7xoYLq1uEiIw; KRTBCOOKIE_218=22978-YMb5tAABhJ8d4QBg&KRTB&23194-YMb5tAABhJ8d4QBg&KRTB&23209-YMb5tAABhJ8d4QBg&KRTB&23244-YMb5tAABhJ8d4QBg; PugT=1623652787
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAA__k7BjfMAADKabvqv2g; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:49 GMT; path=/ PugT=1623652789; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:49 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:49 GMT; path=/
x-lat
lhrpug005:0:478
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Mon, 14 Jun 2021 06:39:49 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA__k7BjfMAADKabvqv2g
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O-trPu5mR5qhE60VbSqFhQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=115829
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Tue, 15 Jun 2021 14:50:14 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c18460c6-f9b1-4500-8e41-815624057569
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c18460c6-f9b1-4500-8e41-815624057569
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 03:56:10 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 14 Jun 2021 06:39:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c18460c6-f9b1-4500-8e41-815624057569
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Jun 2021 06:39:36 GMT
mw
mwzeom.zeotap.com/ Frame 7B9E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3BEB6B3E-EE66-479A-A113-AD156D2A8585
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6c16abb3d0e9114556947689f526c5f0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=3cbe2ceb-017c-4329-a88c-e8b3505c211e&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=a262c5e9d136a2c6
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEJEePblpTJWo6nxhf_wRwow&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e...
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEJEePblpTJWo6nxhf_wRwow&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zcluid=a262c5e9d136a2c6&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65f1905e1f13dffb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0aaad88ecb0000dffbf6071000000001

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEJEePblpTJWo6nxhf_wRwow&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c9d7546e-0e07-4f7a-4aff-c84f10cb8d0e&reqId=922e0eb0-144c-4090-527c-a7e018174e23&zcluid=a262c5e9d136a2c6&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JFQjZCM0UtRUU2Ni00NzlBLUExMTMtQUQxNTZEMkE4NTg1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:531
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAAKJvflXgLTtoxRKvRL5ZY&google_cver=1
42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAAKJvflXgLTtoxRKvRL5ZY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:434
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAAKJvflXgLTtoxRKvRL5ZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7B9E 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 13 Jun 2021 06:39:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&gdpr=0&gdpr_consent=
42 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:330
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 14 Jun 2021 06:39:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Jun 2021 06:39:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1440206410165877309
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1440206410165877309
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:504
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1440206410165877309
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cbe2ceb-017c-4329-a88c-e8b3505c211e
42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cbe2ceb-017c-4329-a88c-e8b3505c211e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:383
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cbe2ceb-017c-4329-a88c-e8b3505c211e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4238030769023193479&gdpr=0&gdpr_consent=
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4238030769023193479&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.238:80
AN-X-Request-Uuid
883280f2-64dc-4227-bee0-15d57743fe66
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4238030769023193479&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3BEB6B3E-EE66-479A-A113-AD156D2A8585
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7B9E 		43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3BEB6B3E-EE66-479A-A113-AD156D2A8585?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G41rBBBE2uWLdHMgXvMr84owcnz0W.E-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G41rBBBE2uWLdHMgXvMr84owcnz0W.E-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 03:56:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-G41rBBBE2uWLdHMgXvMr84owcnz0W.E-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:559
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMb5tAABhJ8d4QBg&gdpr=0&gdpr_consent=&_test=YMb5tAABhJ8d4QBg
1 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMb5tAABhJ8d4QBg&gdpr=0&gdpr_consent=&_test=YMb5tAABhJ8d4QBg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:553
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623652788.353289,VS0,VE0
x-served-by
cache-hhn4064-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMb5tAABhJ8d4QBg&gdpr=0&gdpr_consent=&_test=YMb5tAABhJ8d4QBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=ac1d81ff-871a-4c4d-bc64-065ac94db0e5&ssp=pubmatic&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:497
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 14 Jun 2021 06:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2731647555875736110&gdpr=0&gdpr_consent=&us_privacy=
1 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2731647555875736110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:43 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:531
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2731647555875736110&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7B9E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d3f70248-b0e6-45ad-a70d-1d879eb727ef&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d3f70248-b0e6-45ad-a70d-1d879eb727ef&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:572
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d3f70248-b0e6-45ad-a70d-1d879eb727ef&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 7B9E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&gdpr=0&gdpr_consent=
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:563
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105281634000/ Frame 952F 		191 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
169244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55221
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 07:39:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8af8bfef65693cad"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:39:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 952F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 952F 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 952F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 11:30:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 11:30:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 952F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
173705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 06:24:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:24:39 GMT
css
fonts.googleapis.com/ Frame 952F 		4 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 05:15:52 GMT
server
ESF
date
Mon, 14 Jun 2021 06:39:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Jun 2021 06:39:44 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8411130913232943998/ Frame 952F 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8411130913232943998/downsize_200k_v1?w=400&h=209
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d49ca2ead03dd9310ff1873fd3f79aaed0432b266e9b78bdcdad3336429eb8c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 14:01:51 GMT
x-content-type-options
nosniff
age
146273
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33041
x-xss-protection
0
last-modified
Wed, 06 Jan 2021 17:26:19 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 14:01:51 GMT
truncated
/ Frame 952F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 952F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7569924baa6376bcb136dc7e5b3c39cab9f2f47de01eaf2bdf26962828fd9296

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 952F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 07:43:32 GMT
x-content-type-options
nosniff
server
cafe
age
82572
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Mon, 14 Jun 2021 07:43:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 952F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 19:15:27 GMT
x-content-type-options
nosniff
server
cafe
age
41057
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 14 Jun 2021 19:15:27 GMT
l
www.google.com/ads/measurement/ Frame 952F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoXhe6jjtgZTaktV_jn_rERvZLUbZD4OzGlOIFzX80C5k5ZzNDSBmYgjhG3SlHOiaBsqJXsUVmryVwGJ9FZikEEFw6Nw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 952F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu7fYsPnGYPmlEpu07_UPrL2sWI6TgfZgne7xgfAMntDIz-ABEAEgr9HbH2D1lc6B4ASgAdHZ8LkCyAEJqQLBb9eze62yPuACAKgDAcgDCqoE0QFP0HlTqfV4sZUIWbDRGqvW8vHLOCZr2AtQaAAwy6B7KotUWDiW73osbkhaOtslCLRpsoNiZoSZh-kH5g8N2QlomXaf4crbjXC-jFklhq_H5janEuAQucpj8s5HvXqiCZI6xt5iVe42vBB8f_iGMz8yH66mGeMXq_3uoCggIbYdTHZCNxC596Y5fxgFbVi8qCjj09oyL7JtrTXsxIWmKSOtIoUkKcWukJxpstwadB48ckimJExeOlbq3HOaibQ_yLVuvLqjjwE1hng7FYebHSJ3p8AEyo7znrsD4AQBkgUECAQYAZIFBAgFGASgBi6AB5emj8YBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELW2CtIIBwiAYRABGB2ACgPICwG4E4gn2BMNiBQC0BUBmBYBgBcBshcaChgIABIUcHViLTYxNjcyMzg3MTI3MjkwMzI&sigh=VIICt-2F3B0&template_id=5000
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 952F 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:30:17 GMT
x-content-type-options
nosniff
age
176967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:30:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 952F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options
nosniff
age
170472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:18:32 GMT
sd
eu-u.openx.net/w/1.0/ Frame CCDB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=59f060c6-f9b1-4000-919c-a2d15c118453
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=59f060c6-f9b1-4000-919c-a2d15c118453
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 14 Jun 2021 06:39:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=59f060c6-f9b1-4000-919c-a2d15c118453
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Jun 2021 06:39:36 GMT
sd
us-u.openx.net/w/1.0/ Frame CCDB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NSbDrGUvwqoudMOiNHSNqzVwk_gucsKoOy8K0pBL
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NSbDrGUvwqoudMOiNHSNqzVwk_gucsKoOy8K0pBL
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NSbDrGUvwqoudMOiNHSNqzVwk_gucsKoOy8K0pBL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CCDB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1440206410165877309
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1440206410165877309
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1440206410165877309
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame CCDB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a5c21cb0-92a3-36e8-52e1-8d18fb449f9e&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CCDB 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODlhZGNmN2EtNWJkNC02ODRjLTQ3MDEtZDdhMTMxYTY1MWZl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CCDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ Frame 5842 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5842 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5842 		427 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2790933080886977&correlator=3625880195712766&output=ldjh&impl=fif&eid=31060783%2C31061278&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D9a494aa8fa148b9e%3AT%3D1623652784%3AS%3DALNI_MYXSGegncd58BoOE1NXndCRY_l4sA&cdm=www.sanook.com&bc=31&abxe=1&lmt=1623652784&dt=1623652784759&dlt=1623652784353&idt=399&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=2l5wyu1bwwft&ifi=1&ifk=2895095238&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1786900154.1623652782&ga_sid=1623652785&ga_hid=28285131&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
beb858aef93d8989b27a2cbc384480d19436c824a65478bb1c17d467eedec66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22548
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5842 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
eu-u.openx.net/w/1.0/ Frame BA69
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=680260c6-f9b1-4000-bfe0-ec9d8e1be637
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=680260c6-f9b1-4000-bfe0-ec9d8e1be637
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 14 Jun 2021 06:39:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=680260c6-f9b1-4000-bfe0-ec9d8e1be637
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Jun 2021 06:39:36 GMT
sd
us-u.openx.net/w/1.0/ Frame BA69
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Zmq5sjZjuLR9OLmzNGn35jU86eZ9YuuzNGka0t08
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Zmq5sjZjuLR9OLmzNGn35jU86eZ9YuuzNGka0t08
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=Zmq5sjZjuLR9OLmzNGn35jU86eZ9YuuzNGka0t08
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BA69
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=718171576702452188
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=718171576702452188
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=718171576702452188
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BA69 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a5c21cb0-92a3-36e8-52e1-8d18fb449f9e&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BA69 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODlhZGNmN2EtNWJkNC02ODRjLTQ3MDEtZDdhMTMxYTY1MWZl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BA69
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9115
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e63e60c6-f9b1-4c00-8395-d283e681b223
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e63e60c6-f9b1-4c00-8395-d283e681b223
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 14 Jun 2021 06:39:37 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e63e60c6-f9b1-4c00-8395-d283e681b223
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Jun 2021 06:39:36 GMT
sd
us-u.openx.net/w/1.0/ Frame 9115
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3Y1bw42EWsXG31uW2oQVxIiLDc3G3l7Gid-eWMVQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3Y1bw42EWsXG31uW2oQVxIiLDc3G3l7Gid-eWMVQ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=3Y1bw42EWsXG31uW2oQVxIiLDc3G3l7Gid-eWMVQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9115
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7734921317384708750
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7734921317384708750
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7734921317384708750
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 9115 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a5c21cb0-92a3-36e8-52e1-8d18fb449f9e&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9115 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODlhZGNmN2EtNWJkNC02ODRjLTQ3MDEtZDdhMTMxYTY1MWZl
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdjtKjgZ7WC_psXmHCrMvE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F587 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR9JQFL3TBXdG0YIrXDTZlIILFAQBbvRcjfpCNmz1GZxpdJLKfTWnkGarxecQmh680rjB6fFL1h1nvXcxp4jizyY6oReEEhpBDhWUTrFX-gIDu3fxWapmFDd9C2uWSrJPlyJ0UG5Jc5kqZ-PHRkVSdKRMxlaRVtI-fhhLPHBKUFCoMmiGKzwLmcUYVdJt76tqALskwE5gI5qeSjoKfPeUEApxXQp0OIDD_4txyMyx8Lf1HDaRAgGALkBcT0av5Z74jjmd_iD7rjo-YV-VEqZknppeIHH2TeS_IhPVyq7T5bPIit6kCb-PIlltzfp0yWxcWED_2Cnpk_9r_&sig=Cg0ArKJSzEzRrbBpv5wkEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Jun 2021 06:39:44 GMT
truncated
/ Frame F587 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b16e6066fed10dd53bec2f9ba95885ec2165b1a204c6b9914d74a7a8ca974e40

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame EE0A 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid
489e95fc-e437-4d7c-83e8-12a2914b771f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4028 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid
6c30f589-7881-4dc4-8201-371f85962c77
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BF51 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
148bc028ee534eb78733531d75f5ef9f2a03ced6a5cda3c840344454e8d326d5

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAjC5AE*; CMST=YMb5sGDG+bAB; CMID=YMb5sNxV6AU6UnECs.C0dQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|64|218|46|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1768
Expires
Mon, 14 Jun 2021 06:39:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YMb5sNxV6AU6UnECs.C0dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:44 GMT CMPS=3270;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:44 GMT CMPRO=1164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:44 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 06:39:44 GMT CMRUM3=2760c6f9b00b40&2e60c6f9b005a0&f160c6f9b005a0&4060c6f9b005a0&2d60c6f9b005a0&4960c6f9b005a0&e660c6f9b02760&da60c6f9b02760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:44 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame BD20 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ca5c8e95d7cb074b5374663535422239057fcaeade2b25b64d767582c9b7abb4

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAjC5AE*; CMST=YMb5sGDG+bAB; CMID=YMb5sNxV6AU6UnECs.C0dQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|152|13|196|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1832
Expires
Mon, 14 Jun 2021 06:39:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Connection
keep-alive
Set-Cookie
CMID=YMb5sNxV6AU6UnECs.C0dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:44 GMT CMPS=3270;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:44 GMT CMPRO=1164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:44 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 06:39:44 GMT CMRUM3=2d60c6f9b005a0&f160c6f9b005a0&c460c6f9b005a0&2760c6f9b00b40&0d60c6f9b005a0&9860c6f9b005a00&e660c6f9b02760&5860c6f9b005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:44 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9728 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
212189c5b357c5593b6ad3a92ea86d57a7a0e04742f506ba6cb017b7769cbdfa

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMDD=AAjC5AE*; CMST=YMb5sGDG+bAB; CMID=YMb5sNxV6AU6UnECs.C0dQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|90|51|4|47
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1700
Expires
Mon, 14 Jun 2021 06:39:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Connection
keep-alive
Set-Cookie
CMID=YMb5sNxV6AU6UnECs.C0dQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:45 GMT CMPS=3270;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:45 GMT CMPRO=1164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 12 Sep 2021 06:39:45 GMT CMDD=AAjC5AE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 06:39:45 GMT CMRUM3=2760c6f9b10b40&5a60c6f9b105a0&3360c6f9b105a0&2f60c6f9b105a0&f160c6f9b105a0&2d60c6f9b105a0&0460c6f9b105a0&e660c6f9b12760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 14 Jun 2022 06:39:45 GMT CMST=YMb5sGDG+bEB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 15 Jun 2021 06:39:45 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 952F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 07:43:32 GMT
x-content-type-options
nosniff
server
cafe
age
82572
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Mon, 14 Jun 2021 07:43:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 952F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 19:15:27 GMT
x-content-type-options
nosniff
server
cafe
age
41057
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 14 Jun 2021 19:15:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5842 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgeqAulZ57yAquwynN6B2FDB2QBKwzOxCsPvXGlbnYdda0VekqmyWWAfufVeF152LDemSpIQIWC8zRgTG2pp3SS29H2Qo6_SBsvb3OicOGtQcPak3vFOzDfMpxhN4748WSDYzJ-p1ldzqgA2SXfnA5911g6oTCGlcNKtjdn_tQ-y-qHyiccO14O1ys0Q_xQiec_2sLlYc0TnAQDg9150SJdH6OaazLwfK7b9PtKmJlbgVgntsIcrbhwBt-TOHeQD5YBVa2BwCZy3WrEA0tEcoru6bzVqwR8T-lRZ1JNwAf3oorO81annvWRH9erwSyc6c5jNEXxZFYYsUY7w&sig=Cg0ArKJSzPhDzRnLHJ1KEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Jun 2021 06:39:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C9B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4R8svPhrQeREjakKlZZf7VtuGz00PDbhwadoQYoUQS5Jrz6omQObXwzRppSGUIIcUoSmh3piXQ0dIuMd6AR0cKVayB6ErNBwR263oRO5AX9qOn0yXHk-SyCK27FUk1NdxcoRFI7B47VI7zi2Z6INWeXPoX5XLNFr4QYjKP0Y4GN1iHuboovPPFh1WUVjaXqRutHQDqkQO90szrUePf1m9DsoIymDrhZzKCFgOFk5GNaTlqNVspMtta3lwB9vVWaze7v5I25pjY8-Gx9ihDHtnHdsc74JgjhlYr6oXKE9DQLAoseE&sig=Cg0ArKJSzFwfZw_edU1vEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame C9B7 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:38:59 GMT
x-content-type-options
nosniff
age
45
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86927
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Jun 2022 06:38:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C9B7 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410775224219"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38028
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5842 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623410781212720"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28237
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5842 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f5b001f76b16c80d1b5178bd14102b851a8dd857278e72184057d1d5c3ea6dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7981
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105281634000/ Frame 3641 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
169244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55221
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 07:39:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8af8bfef65693cad"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:39:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3641 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3641 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3641 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 11:30:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 11:30:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3641 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
173705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 06:24:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:24:39 GMT
css
fonts.googleapis.com/ Frame 3641 		6 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 05:23:20 GMT
server
ESF
date
Mon, 14 Jun 2021 06:39:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Jun 2021 06:39:44 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3641 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 07:43:32 GMT
x-content-type-options
nosniff
server
cafe
age
82572
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Mon, 14 Jun 2021 07:43:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3641 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 19:15:27 GMT
x-content-type-options
nosniff
server
cafe
age
41057
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 14 Jun 2021 19:15:27 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1536292457286515134/ Frame 3641 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1536292457286515134/downsize_200k_v1?w=400&h=209
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8119f988043f5f63d08e8aeffbcf059e2b34e3a93ddeaba9fc89a4c109c95366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 12:54:57 GMT
x-content-type-options
nosniff
age
150287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11853
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 13:46:00 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 12:54:57 GMT
truncated
/ Frame 3641 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3641 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f7f9ce51d6fab28e7b648cca7f32912866732ce7c0b9fbdce68447aa2d10c25

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 3641 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJHuxa90k1FFOobWf5GJAtXhLW9UVkqOuYl0VkOa3uOClLrQj9uQxdI9wfYBz5dnsutLzSVBRqYSl9kVQwW3UvK-nMJw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3641 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSEXcsPnGYIv_HL-v7_UP5Oe7uATEs6SYY-TT5P3JDZaCzYWIFhABIK_R2x9g9ZXOgeAEoAGJifaNA8gBCakCfsYep6lQtD7gAgCoAwHIAwqqBNMBT9ANf2LWCk7GBoPt_00_TBJB8XzXFttRDNoYrSvsIBbaJxzJJAdsEQtzI2K0_zdW2fWWWZWRR7UfQFTA8y-lZzyHylkYLMXaDYWsvsDyhnrBAjI3IWFaFdbY5TnsC-8Czr1wSp_uhAKq7lsU1ok1QRyNYEx2nhxWYUg1c9eBnaHQa5EdqRUwTcRHniefVhV2GQOGuciPTzdv3pL_oAng2IaDa6f6iiAG7bHc-ySH1jLRYozxCiYMZUOxt9Up6qkwjQD14XH-b-4II0ynXvUjeP8ZdcAEjPS-uY0D4AQBkgUECAQYAZIFBAgFGASgBi6AB9_2iXKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQmZgV0ggHCIBhEAEYHYAKA8gLAbgTiCfYEw2IFAPQFQGYFgGAFwGyFxoKGAgAEhRwdWItNjE2NzIzODcxMjcyOTAzMg&sigh=R-vyuRaON9Y&template_id=5000
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5842 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C9B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnCDmv6tlu_cWeDp-WLXmGGFXl5M3UEGWAKk4vuUQYUD6SpnBXiVuXA9L0eCG1goFBC4jm0kMoklxgA9VuS0EtaKPpRouUdQ3qq_p3QrMC3s0xbE1lMidFnJzhWTWSYmHqIy1dxW51pVTnNZm2Y2ZQfLbnDHW8QE0LnxD7A8wX9jIsn9mUbYKjFbcxkWTcegNNrl5ItzLoaRBEP6I8vnBoCZP1iJDAujBjCPjKfzcTUBgDLXm6w8Mq2FzJdEHcHj5naot_FSAaCysazBiSpZrNjADdNaEUZDu2ZsN7LoOv2XzT8vC5hw&sig=Cg0ArKJSzBuIndGhTb-JEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Jun 2021 06:39:45 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3641 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 15:26:07 GMT
x-content-type-options
nosniff
age
141218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 15:26:07 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3641 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:12:17 GMT
x-content-type-options
nosniff
age
178048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:12:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3641 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.sanook.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 17:35:42 GMT
x-content-type-options
nosniff
age
133443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 17:35:42 GMT
casale
match.adsrvr.org/track/cmf/ Frame BF51 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMb5sNxV6AU6UnECs.C0dQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame BF51
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF51
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BF51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BF51
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&expiration=1626244785
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&expiration=1626244785
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:46 GMT

Redirect headers

date
Mon, 14 Jun 2021 06:39:45 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348&expiration=1626244785
alt-svc
clear
content-length
0
demconf.jpg
dpm.demdex.net/ Frame BF51
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.129.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v008-01106029e.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
owHN36FGTeU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v008-0f01ebe89.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zmjMjXquT/M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMb5sNxV6AU6UnECs.C0dQAA%261164
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame BF51
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4238030769023193479
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4238030769023193479
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:46 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:46 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.144:80
AN-X-Request-Uuid
12cb6254-12c9-4e4b-9a37-c5c925c57171
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4238030769023193479
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BF51 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BF51 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMb5sNxV6AU6UnECs.C0dQAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1609
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 07:06:34 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3641 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 07:43:32 GMT
x-content-type-options
nosniff
server
cafe
age
82573
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Mon, 14 Jun 2021 07:43:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3641 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 19:15:27 GMT
x-content-type-options
nosniff
server
cafe
age
41058
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 14 Jun 2021 19:15:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 5181 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 14 Jun 2021 03:08:26 GMT
expires
Tue, 14 Jun 2022 03:08:26 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12679
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2F46 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0127cac8cfdb7ae5b6b946ba0858e2ebd0b54ce2bd13c4b61bd0f5a932cfa475
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ByLAU21o58k4LX+J6lmi1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Mon, 14 Jun 2021 06:39:45 GMT
date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ByLAU21o58k4LX+J6lmi1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dcm
s.amazon-adsystem.com/ Frame BD20
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BD20 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMb5sNxV6AU6UnECs.C0dQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=01e1ade7-6ca7-4136-8cbe-b262fe079f5e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=01e1ade7-6ca7-4136-8cbe-b262fe079f5e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:48 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:48 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=01e1ade7-6ca7-4136-8cbe-b262fe079f5e
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06592204006349aacc3ae352&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06592204006349aacc3ae352&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06592204006349aacc3ae352&expiration=[EXPIRATION]
Date
Mon, 14 Jun 2021 06:39:45 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_60c6f9b47ca5f&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60c6f9b47ca5f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60c6f9b47ca5f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:48 GMT

Redirect headers

date
Mon, 14 Jun 2021 06:39:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_60c6f9b47ca5f
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
rum
dsum-sec.casalemedia.com/ Frame BD20
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YMb5tAABhKAd7wBg
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMb5tAABhKAd7wBg&_test=YMb5tAABhKAd7wBg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMb5tAABhKAd7wBg&_test=YMb5tAABhKAd7wBg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623652788.356863,VS0,VE0
x-served-by
cache-hhn4064-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YMb5tAABhKAd7wBg&_test=YMb5tAABhKAd7wBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BD20 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMb5sNxV6AU6UnECs.C0dQAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1609
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 07:06:34 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9728 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMb5sNxV6AU6UnECs.C0dQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9728
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9728
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMb5sNxV6AU6UnECs-C0dQAABIwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGxTmukaSTs4ptpR-0qC-ZM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9728
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMb5sNxV6AU6UnECs.C0dQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECigfC-Dnr-OnUuWI8gdG3Q&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9728
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2DF79FBBC614B029EF6A431CA04A6F7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2DF79FBBC614B029EF6A431CA04A6F7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

date
Mon, 14 Jun 2021 06:39:45 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E2DF79FBBC614B029EF6A431CA04A6F7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 13 Jun 2021 06:39:45 GMT
rum
dsum.casalemedia.com/ Frame 9728
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://x.bidswitch.net/ul_cb/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9cfaef82-acf5-4995-bb60-1076cd0f2390&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:52 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=b3018898-7b8c-49f8-8689-7e0c4fe3fd7b&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
295
Expires
Mon, 14 Jun 2021 06:39:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 9728
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2731647555875736110
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2731647555875736110
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2731647555875736110
pragma
no-cache
date
Mon, 14 Jun 2021 06:39:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9728
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PvF8ziUu1LSGgb5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PvF8ziUu1LSGgb5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 06:39:47 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:46 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=PvF8ziUu1LSGgb5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9728 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YMb5sNxV6AU6UnECs.C0dQAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1609
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Jun 2021 07:06:34 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105281634000/ Frame 3275 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
169245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55221
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 07:39:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8af8bfef65693cad"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 07:39:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3275 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3275 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 13:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 13:12:32 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3275 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1ba766fc90938edcf83a09e20470fe15a9fd042b6c84054f435a3356cc5951
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
152658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16310
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 12:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"158bd8931ca66e3a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 12:15:27 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3275 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 11:30:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 11:30:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 3275 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
173706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Sat, 12 Jun 2021 06:24:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 06:24:39 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3275 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 07:43:32 GMT
x-content-type-options
nosniff
server
cafe
age
82573
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Mon, 14 Jun 2021 07:43:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3275 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 13 Jun 2021 19:15:27 GMT
x-content-type-options
nosniff
server
cafe
age
41058
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 14 Jun 2021 19:15:27 GMT
truncated
/ Frame 3275 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
172504758412f109abca85cd5bc1b38caa0757af099eaa2d60650010d504b011

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 3275 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHCaJsPnGYOSIJeiU9u8Pz-qZmATJ6ZGwYpWM45HXC7_hHhABIK_R2x9g9ZXOgeAEoAG5vu7oAsgBCakCfsYep6lQtD7gAgCoAwHIAwiqBNQBT9AN2b6N4lHIDlUu4dd_yy6ytivZ7v0NkhFc2E5R6SIiQRWGO1NDBdlO9jxsZO5958jerUM5AZo9p-kff_DeEih8R7F9rbUt5nyIOYW-MHfJ-gPPXk_-7rBytEl2aWN3xhZ-K7RvH_e5N7vV5MsWbPkhnXoGzaP81r5k9xr4qRs-Bgrn9XvnZAf7aNjWlPa-XWGOXHBiPFPtniF0BDJ4TUcXVsmd2ab-L8cHq_ioScflPbuLzjo3j0SGmWmA8uVmTqx94yWcFZ2BFK0P9B-sI2_uGM7ABPnr4e-PA-AEAZIFBAgEGAGSBQQIBRgEoAYugAevwZGXAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCN8CnSCAcIgGEQARgdgAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTYxNjcyMzg3MTI3MjkwMzI&sigh=bDTT-dE3o7w&template_id=419
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
203501ba60b5eb7111028a47eaf58ea35da73fa17e024.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/203501ba60b5eb7111028a47eaf58ea35da73fa17e024.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9675c0929ddb4f82ce9a3b465a5a6e7b3174860485f4b039a38584f85fae9738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:00:17 GMT
x-content-type-options
nosniff
age
182368
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33996
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:00:17 GMT
96631993c8129c91bbcc6422252650335da73fa1a5041.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/96631993c8129c91bbcc6422252650335da73fa1a5041.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344725aabe7fb186cba11aa89933fec8484e11a16327ace1c58692559061a0b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:08:59 GMT
x-content-type-options
nosniff
age
181846
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3018
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:08:59 GMT
5373372d7419dffedd67e891f5e348b95da73fa1b560a.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/5373372d7419dffedd67e891f5e348b95da73fa1b560a.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abbf25ca8051e1c2f7a6bb31935a853110ec6d4de643b03e140e23a6666a3114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:55:53 GMT
x-content-type-options
nosniff
age
179032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1976
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:55:53 GMT
e2962fffe7f05a25c58a701f63153cb15da73fa1cb739.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/e2962fffe7f05a25c58a701f63153cb15da73fa1cb739.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e780a58dc066f9b9b08bc1efe0e865b32fa193bafb4b2b2b3b2565ed9e8d007a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:32:41 GMT
x-content-type-options
nosniff
age
180424
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23495
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:32:41 GMT
e8169ef9831ae4c330a457a66f52c79a5da73fa1dbdc4.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/e8169ef9831ae4c330a457a66f52c79a5da73fa1dbdc4.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
899183b4106d8e70f496f94786d9a348af85bb3490917383b8c6b58100b8e435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 12:20:07 GMT
x-content-type-options
nosniff
age
152378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1572
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 12:20:07 GMT
4daa3b25a63912400a1a98ccaf4fb5605da73fa1e8c79.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/4daa3b25a63912400a1a98ccaf4fb5605da73fa1e8c79.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e28e694c91696bf8bd286156d133688d57d58ebb91f1c9ba13b2272e7943bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:19:03 GMT
x-content-type-options
nosniff
age
181242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2355
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:19:03 GMT
95f41bedad872398ad7621970ba854745da73fa2007e2.png
tpc.googlesyndication.com/sadbundle/8828766417065926325/static/ Frame 3275 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8828766417065926325/static/95f41bedad872398ad7621970ba854745da73fa2007e2.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa4c2e645269411c2461bf864e6cc7bc64cb1374bdefcbdf98f14e26d9ff0e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 04:06:01 GMT
x-content-type-options
nosniff
age
95624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2375
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 07:41:53 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Jun 2022 04:06:01 GMT
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 5181 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 06:35:25 GMT
disc.png
s.isanook.com/sr/0/images/joox-home/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/joox-home/disc.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 09:16:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 09 Jun 2021 04:46:54 GMT
server
Lego Server
age
0
etag
"60c047be-2d12"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000
x-nws-log-uuid
15384314916486130104
accept-ranges
bytes
content-length
11538
expires
Fri, 09 Jul 2021 09:16:52 GMT
logo02.png
s.isanook.com/sr/0/images/joox-home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/joox-home/logo02.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
db31eac7ad43142e03b969a74fa78be17892646ceed26e2554adcdc7983894ce

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 01:17:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"60bf5469-71d"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
533481996731274383
accept-ranges
bytes
content-length
1821
expires
Fri, 09 Jul 2021 01:17:53 GMT
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getJooxSidebarEntries&variables=%7B%22channel%22%3A%22music%22%2C%22categoryIds%22%3A%5B929%5D%2C%22limit%22%3A4%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a93e9d353550365d8fc4242253f46aef6a8c21a8%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:45 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9iLzYvM2M4NDk4MzU5MDljMDYzMWFjNDIxYmFjNmFjYmI2YjYuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9iLzYvM2M4NDk4MzU5MDljMDYzMWFjNDIxYmFjNmFjYmI2YjYuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
64c7bc31e9e74ec9a07cf5c8aef00c5a6d276b9936331562385206f6b7dfae38

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 02:12:33 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1876138835752639421
accept-ranges
bytes
content-length
51121
expires
Fri, 09 Jul 2021 02:12:33 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi80LzYvOGIwZDM2ZGMzOGI1Y2I4NWZlYTcxNWE5YTNjODQ5NDYuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi80LzYvOGIwZDM2ZGMzOGI1Y2I4NWZlYTcxNWE5YTNjODQ5NDYuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
fc10d7eea1377cfa037279bc552089af795c3520a72d7e701a0268b6a78bdf5e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 17:48:19 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
16732698552310681597
accept-ranges
bytes
content-length
35665
expires
Sat, 10 Jul 2021 17:48:19 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9lLzEvZTVhN2I0ZmE2YWY4MjljOWE0ODg4MTEzNGJhOWQyZTEuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi9lLzEvZTVhN2I0ZmE2YWY4MjljOWE0ODg4MTEzNGJhOWQyZTEuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
03fa12fa32843f19fcffaa356e8b82cdf704911752768fa5aba13df48da80398

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 17:42:08 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2612590197874790330
accept-ranges
bytes
content-length
65792
expires
Sun, 11 Jul 2021 17:42:08 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi82L2YvODY1MWUyMTY2MGM4ZTAzODkwZDNkMGMzNjE2YjQ5NmYuanBn.jpg
s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w780h310/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvZm9jdXNfMTE4Mi82L2YvODY1MWUyMTY2MGM4ZTAzODkwZDNkMGMzNjE2YjQ5NmYuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
b48e56b529a96f591d55b3ae8df03ac43e00bb4117c56fb388efd59c0d375cc9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 05:23:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1200258708625888079
accept-ranges
bytes
content-length
66621
expires
Sun, 11 Jul 2021 05:23:34 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvOC85L2RkZDM3MGE2NTgwNmE2MTk3NjY0ZDhmYWQxYWRmMTg5LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 13 Jun 2021 13:05:49 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
3440029024235231326
accept-ranges
bytes
content-length
9021
expires
Tue, 13 Jul 2021 13:05:49 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvZi83L2ZkZDY5NjlkMzZmOWMwZmNjYzFiYjcyODUyMjg3MmY3LmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvZi83L2ZkZDY5NjlkMzZmOWMwZmNjYzFiYjcyODUyMjg3MmY3LmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d352065a6aecc621e043f3832548fcf0444c52509b761885caf4f137a3b8443c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:39 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2263448590624639345
accept-ranges
bytes
content-length
12144
expires
Mon, 12 Jul 2021 10:03:39 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvNC9jLzEzMWM2ZjI3ZTllOWM0YjY4MmQxZGEyOGQ3ODIwODRjLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvNC9jLzEzMWM2ZjI3ZTllOWM0YjY4MmQxZGEyOGQ3ODIwODRjLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
9c646db15d1f36f36695b14ef0655382c474d16b5f7d9e82d2502a71faa3927d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 05:18:34 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11656789790632043276
accept-ranges
bytes
content-length
11266
expires
Sun, 11 Jul 2021 05:18:34 GMT
aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvMi8wLzZiNDJmNmQ2NzgxOTM0OTg1MmVjYmNmODY5MGYxMjIwLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w165h165/ya0xa0m1w0/aHR0cDovL2ltZ2NhY2hlLmpvb3guY29tL211c2ljL2pvb3gvcGhvdG9fdGhfdGgvdG9wbGlzdF8zMDAvMi8wLzZiNDJmNmQ2NzgxOTM0OTg1MmVjYmNmODY5MGYxMjIwLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
21ac164dba19539c49858d505a242ee9dbc760dd024a77a767ae8d6d5c2892c3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 09:40:37 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
11988543219674982947
accept-ranges
bytes
content-length
10952
expires
Sat, 10 Jul 2021 09:40:37 GMT
/
graph.sanook.com/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getJooxSidebarEntries&variables=%7B%22channel%22%3A%22music%22%2C%22categoryIds%22%3A%5B929%5D%2C%22limit%22%3A4%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a93e9d353550365d8fc4242253f46aef6a8c21a8%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/9joexKmn7--S7VbqKoM34/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
0846e8a7f6f72652e8752abe4760606caf117bbf53b1644f11121b49d928f304
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 14 Jun 2021 06:39:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5842 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5842 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C9B7 		0
0
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:45 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1623652785.dop224.fr8.t,1623652785.cds268.fr8.hc,1623652785.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
activeview
pagead2.googlesyndication.com/pcs/ Frame 108D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCKEZh0A7L66hv6TfqRO-gWecKHnnTqgqDS4a12Z6sF28kHbxK7tC1qouC76GiaDeiA1iWwKD3bWZyNxUeDu-ZlMvTAK3FASzNiu0kxdc&sig=Cg0ArKJSzGu3wXAP8nmhEAE&id=lidar2&mcvt=1012&p=344,108,789,238&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2209700283&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623652784375&dlt=0&rpt=221&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F587 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwwMvcn6amNcVHSKJJSdrfyYSG42elKSFFvscF8Mhto6KDvTBAbQl10vZEugT3J25mhc6CbMoRnRMSHJOG-di796BnsU5M3chJMQTEW0I&sig=Cg0ArKJSzCkP2CrepsSGEAE&id=lidar2&mcvt=1027&p=75,255,325,1345&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2010139517&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623652784638&dlt=0&rpt=183&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EE0A 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.151:80
AN-X-Request-Uuid
f454bb1f-387b-4b77-8518-2216471f3961
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4028 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:45 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
6fc3b077-11d4-4589-a577-4e2fcdf8865a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI0NzcvY2F0cy5qcGc=.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI0NzcvY2F0cy5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
4617643e09d30a80c8275fa327f71910e316eb47806987c55ab36dc2ce29ce2f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:17:02 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
12743699770446588936
accept-ranges
bytes
content-length
9818
expires
Wed, 14 Jul 2021 06:17:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI0NzMvaW1hZ2UxLmpwZw==.jpg
s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/jo/0/rp/rc/w300h120/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2pvLzAvdWQvNDg2LzI0MzI0NzMvaW1hZ2UxLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
45bf8bf9ae0a54cba6caf8b3a38604c5a29c5bdd352b936120987d1ed820bc18

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 04:16:53 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
5160343303577839385
accept-ranges
bytes
content-length
5604
expires
Wed, 14 Jul 2021 04:16:53 GMT
query
global.cloud.netacuity.com/webservice/ 		535 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.7.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-7-243.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
24bb8195525e881e26e3b7cea3fda2681010204d5361e3fc784ae8e58973fe47

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Jun 2021 06:39:46 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
content-length
246
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
a.js
p.adlooxtracking.com/gpt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 09 May 2021 19:55:21 GMT
server
nginx
age
2387
etag
W/"b83f21b3b86f8c5af4a60b50b2412f5f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=3600
timing-allow-origin
*
alt-svc
clear
content-length
2692
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3275 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrpDD4E0sKn4rbMjUNns813wxpT9lPkxeEGCR1mHyuHmr2_Wxn64o0gE9VXFSHhXGkZW1mu9Q7Wp8XR07vvsaRf4CjST314MHUUWzXp9NkXGESr0lb8TaWN5kWb459MxXLXaL-eGBWdze9isBdGw&sai=AMfl-YT-_UWW7BRmJijZoH3M0NbrFaxcEIlFR2MsVLBx8EqtWUIRP8_uJtwCFmRw7Tgf59G2hXD15U9BSS5AMRwRsD5bVVQRBpTOnn5hJ6DV45C0A1an1A9bki1idNk&sig=Cg0ArKJSzLf1md02DNjKEAE&cid=CAASFeRoa70DIMFf8SiudFDmYCrCxD-oqA&id=ampim&o=1045,924&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1033&mtos=0,0,1033,1033,1033&tos=0,0,1033,0,0&tfs=115&tls=1148&g=100&h=100&tt=1148&r=v&avms=ampa&adk=3191418387
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7B9E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 03:56:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0B70 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; chkChromeAb67Sec=1; DPSync3=1624838400%3A219_201_197%7C1623715200%3A174; SyncRTB3=1624838400%3A161_54_71_81_220_3_22_166_55_21_56_7_8_13%7C1624924800%3A35%7C1626220800%3A203%7C1624233600%3A2_15_223%7C1624492800%3A63; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33158
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:47 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 167D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; chkChromeAb67Sec=1; DPSync3=1624838400%3A219_201_197%7C1623715200%3A174; SyncRTB3=1624838400%3A161_54_71_81_220_3_22_166_55_21_56_7_8_13%7C1624924800%3A35%7C1626220800%3A203%7C1624233600%3A2_15_223%7C1624492800%3A63; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33158
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:47 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0051 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; chkChromeAb67Sec=1; DPSync3=1624838400%3A219_201_197%7C1623715200%3A174; SyncRTB3=1624838400%3A161_54_71_81_220_3_22_166_55_21_56_7_8_13%7C1624924800%3A35%7C1626220800%3A203%7C1624233600%3A2_15_223%7C1624492800%3A63; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33158
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:47 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 0B70 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3512997&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e554d7dc776a263519791a4c215b1e9131fda067d36fbdc836200c1355c16785

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame F48C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1002512638
  • https://sync.1rx.io/usersync/tradedesk/3cbe2ceb-017c-4329-a88c-e8b3505c211e
  • https://sync.targeting.unrulymedia.com/csync/RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; PugT=1623652786; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:47 GMT; path=/ PugT=1623652787; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:47 GMT; path=/
x-lat
amspug013:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003%22%7D; path=/; expires=Tue, 14 Jun 2022 06:39:47 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003
etag
RX9466ab1dba174ce88114e62b53b6ae56003
Pug
simage2.pubmatic.com/AdServer/ Frame C619
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:45 GMT
content-type
text/html; charset=utf-8
x-lat
amspug007:2:375
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=2ca55e38-06a9-45c3-a3af-0dc6bc6c6dda; path=/; domain=csync.loopme.me; Expires=Wed, 14-Jul-2021 06:39:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Mon, 14 Jun 2021 06:39:47 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 17AD
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:47 GMT; path=/ PugT=1623652787; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:47 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:47 GMT; path=/
x-lat
lhrpug016:0:452
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 14 Jun 2021 06:39:47 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=aGRTeHpJYNm6LVbfz39JW-VP; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=aGRTeHpJYNm6LVbfz39JW-VP
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame EA0D 		42 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0aaad87d590000537329abe000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65f190422a725373-FRA
bridge
cm.adgrx.com/ Frame CEB9 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 14 Jun 2021 06:39:48 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 639E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=agnoeUSkTsvAutoskaePD6UTxK3USDyECdgMqI7T
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aqnseFmMZaE9DXqwmyCEI2xHrPuXTNd1WEiNoBZaNsIdV2U640sM3dZa2OfMuIB0qZaLfv3m7QyGNt4KjF7xKYQI; path=/; domain=.tribalfusion.com; expires=Sun, 12-Sep-2021 06:39:47 GMT; SameSite=None; Secure; ANON_ID_old=aqnseFmMZaE9DXqwmyCEI2xHrPuXTNd1WEiNoBZaNsIdV2U640sM3dZa2OfMuIB0qZaLfv3m7QyGNt4KjF7xKYQI; path=/; domain=.tribalfusion.com; expires=Sun, 12-Sep-2021 06:39:47 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0aaad87e0a00004e43a72cd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65f190433b134e43-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
449
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=agnoeUSkTsvAutoskaePD6UTxK3USDyECdgMqI7T; path=/; domain=.tribalfusion.com; expires=Sun, 12-Sep-2021 06:39:47 GMT; SameSite=None; Secure; ANON_ID_old=agnoeUSkTsvAutoskaePD6UTxK3USDyECdgMqI7T; path=/; domain=.tribalfusion.com; expires=Sun, 12-Sep-2021 06:39:47 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0aaad87d5d00004e43c63c6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65f1904228994e43-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame BD7D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6; KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; PugT=1623652787
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:44 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:44 GMT; path=/
x-lat
amspug018:0:468
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-k8nvs
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=otERy3TvvmEt;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 09-Jun-2022 06:39:47 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=23ec355ba7b3fdcc; path=/; HttpOnly; Secure; SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=otERy3TvvmEt&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 34F3
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 14 Jun 2021 06:39:47 GMT
via
1.1 varnish
x-served-by
cache-fra19169-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623652788.671429,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 14-Jun-2022 06:39:47 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a136259-8f15-489e-9c45-1a50c0174b66-tuct7c07f33&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 14 Jun 2021 06:39:47 GMT
via
1.1 varnish
x-served-by
cache-fra19169-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623652788.583824,VS0,VE68
x-vcl-time-ms
68
content-length
0
141
match.deepintent.com/usersync/ Frame 2A1E 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Mon, 14 Jun 2021 06:39:46 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame C0C6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6; KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; PugT=1623652787
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-pVLtIVl2RhJD6Ff7xoYLq1uEiIw; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/ PugT=1623652786; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/
x-lat
amspug006:0:465
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 14 Jun 2021 06:39:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pVLtIVl2RhJD6Ff7xoYLq1uEiIw
Set-Cookie
sa-user-id=s%3A0-a552ed21-5976-4612-43e8-57fbc6860bab.vm0hIqcnS2KdR5tfrpvuiRM%2BA1AnbA4XEtzL%2BnWKULo; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-a552ed21-5976-4612-43e8-57fbc6860bab%24ip%2491.132.136.140.QqwXxK0rePFVqqubZudnhdhSdj8ogmECLhW%2BcQPtobg; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
receive
pixel.tapad.com/idsync/ex/ Frame 8FF2
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1623652785950; TapAd_DID=e996bab8-bcc4-4755-9824-038042ead241; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

server
nginx
date
Mon, 14 Jun 2021 06:39:46 GMT
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/
x-lat
amspug012:0:357
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame D6D0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
42 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; PugT=1623652787
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/ PugT=1623652786; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 06:39:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/
x-lat
amspug016:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 14 Jun 2021 06:39:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:oY5VY1KW1LSGgb5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-09aa64c92a07a6de3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=oY5VY1KW1LSGgb5; Domain=.w55c.net; Expires=Thu, 14-Jul-2022 06:39:47 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Wed, 14-Jul-2021 06:39:47 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B528
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; PugT=1623652785; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; SPugT=1623642971; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 14 Jun 2021 06:39:46 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 12-Sep-2021 06:39:46 GMT; path=/
x-lat
amspug003:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 14 Jun 2021 06:39:47 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E2DF79FBBC614B029EF6A431CA04A6F7
expires
Sun, 13 Jun 2021 06:39:47 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 9101 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 06:39:49 GMT
Content-Length
0
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame 0B70
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&addseg=31
7 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:48 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Mon, 14 Jun 2021 06:39:47 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
info2
uipglob.semasio.net/pubmatic/1/ Frame 0B70
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
frontend-id
14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:46 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3BEB6B3E-EE66-479A-A113-AD156D2A8585&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0B70 		95 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65f190423dc8dffb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0aaad87d600000dffba71ed000000001
/
loadm.exelator.com/load/ Frame 0B70
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 14 Jun 2021 06:39:47 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=3BEB6B3E-EE66-479A-A113-AD156D2A8585&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0B70
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4238030769023193479
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4238030769023193479
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 14 Jun 2021 06:39:47 GMT
X-Proxy-Origin
91.132.136.140; 91.132.136.140; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid
3d3a998b-34a3-4340-ac51-942847811994
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4238030769023193479
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0B70
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6
42 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:342
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6
date
Mon, 14 Jun 2021 06:39:47 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 0B70
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5022bd08-ccdb-11eb-8aef-4b13e082f862&gdpr=0&gdpr_consent=
1 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5022bd08-ccdb-11eb-8aef-4b13e082f862&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:47 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:311
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5022bd08-ccdb-11eb-8aef-4b13e082f862&gdpr=0&gdpr_consent=
Date
Mon, 14 Jun 2021 06:39:47 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5022bd09-ccdb-11eb-8aef-4b13e082f862
SPug
simage4.pubmatic.com/AdServer/ Frame 0B70 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155976&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 167D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; repi=1; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6; KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; KRTBCOOKIE_279=22890-5022bd08-ccdb-11eb-8aef-4b13e082f862&KRTB&23011-5022bd08-ccdb-11eb-8aef-4b13e082f862; KRTBCOOKIE_860=16335-pVLtIVl2RhJD6Ff7xoYLq1uEiIw; KRTBCOOKIE_218=22978-YMb5tAABhJ8d4QBg&KRTB&23194-YMb5tAABhJ8d4QBg&KRTB&23209-YMb5tAABhJ8d4QBg&KRTB&23244-YMb5tAABhJ8d4QBg; KRTBCOOKIE_699=22727-AAA__k7BjfMAADKabvqv2g; PugT=1623652789; SPugT=1623652788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33155
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:50 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0051 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=3BEB6B3E-EE66-479A-A113-AD156D2A8585; KRTBCOOKIE_1101=23040-6973535607355472014; PUBMDCID=3; KRTBCOOKIE_377=6810-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&22918-3cbe2ceb-017c-4329-a88c-e8b3505c211e&KRTB&23031-3cbe2ceb-017c-4329-a88c-e8b3505c211e; KRTBCOOKIE_391=22924-1440206410165877309&KRTB&23263-1440206410165877309; KRTBCOOKIE_336=5844-8704743018942366899; KRTBCOOKIE_57=22776-4238030769023193479; KRTBCOOKIE_153=19420-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT&KRTB&22979-8sFc6aLIXe_pk1y89cgS7qfHCufpklnsppPqJ7DT; KRTBCOOKIE_22=14911-2731647555875736110; KRTBCOOKIE_188=3189-4cedb9eb-66aa-4c93-a7f1-76c6ba2448f5-60c6f9b1-4348; KRTBCOOKIE_80=22987-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&16514-CAESEAAKJvflXgLTtoxRKvRL5ZY&KRTB&23025-CAESEAAKJvflXgLTtoxRKvRL5ZY; KRTBCOOKIE_27=16735-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&16736-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23019-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901&KRTB&23114-uid:50dc60c6-f9b1-4700-b138-1a91c6b11901; repi=1; chkChromeAb67Sec=2; DPSync3=1624838400%3A201_197_221_226_227_232_219%7C1623715200%3A174; SyncRTB3=1626220800%3A203%7C1624233600%3A15_2_223_67%7C1624924800%3A35%7C1624492800%3A63%7C1628812800%3A69%7C1624838400%3A3_56_7_104_220_78_71_161_54_81_22_21_13_99_234_176_231_88_189_233_57_8_230_165_204_222_166_55_5; KRTBCOOKIE_409=22966-aGRTeHpJYNm6LVbfz39JW-VP; KRTBCOOKIE_107=1471-uid:oY5VY1KW1LSGgb5; KRTBCOOKIE_1074=22956-e_ed3e6a09-41d5-4d3c-8929-d0dca3a214e6; KRTBCOOKIE_594=17105-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003&KRTB&17107-RX-9466ab1d-ba17-4ce8-8114-e62b53b6ae56-003; KRTBCOOKIE_279=22890-5022bd08-ccdb-11eb-8aef-4b13e082f862&KRTB&23011-5022bd08-ccdb-11eb-8aef-4b13e082f862; KRTBCOOKIE_860=16335-pVLtIVl2RhJD6Ff7xoYLq1uEiIw; KRTBCOOKIE_218=22978-YMb5tAABhJ8d4QBg&KRTB&23194-YMb5tAABhJ8d4QBg&KRTB&23209-YMb5tAABhJ8d4QBg&KRTB&23244-YMb5tAABhJ8d4QBg; KRTBCOOKIE_699=22727-AAA__k7BjfMAADKabvqv2g; PugT=1623652789; SPugT=1623652788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=33155
expires
Mon, 14 Jun 2021 15:52:25 GMT
date
Mon, 14 Jun 2021 06:39:50 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 167D 		182 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29771702&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e476834cb4fa4c40da64dad7e1991dd0c6b2a24af88d1c4361fc4935eb1baa57

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 167D
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3BEB6B3E-EE66-479A-A113-AD156D2A8585
  • https://a.audrte.com/p
68 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 14 Jun 2021 06:39:51 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 14 Jun 2021 06:39:50 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
3548ZACB1TXT9DXN
x-cache
HIT
content-length
9086
x-amz-id-2
lrGmBav4aG1dTGH04U3IxpiEUDSi9hhjBt62+1G/UcnZetkS3RJjmy6S3k9R8oT3pWXMO4dG+rQ=
x-served-by
cache-hhn4031-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1623652792.343268,VS0,VE0
date
Mon, 14 Jun 2021 06:39:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
151
syncframe
gum.criteo.com/ Frame 6EF2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.sanook.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1520
set-cookie
uid=46170828-b8b1-4112-9042-91d0a87ad534; expires=Tue, 14 Jun 2022 06:39:51 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Mon, 14 Jun 2021 06:39:51 GMT
content-length
1129
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be382542ed03a42a70bb9e788d78dd433b12ba794217e6867347263e36d344c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Jun 2021 06:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8510
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 14 Jun 2021 06:39:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 0BF5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 14 Jun 2021 03:08:26 GMT
expires
Tue, 14 Jun 2022 03:08:26 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12686
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ED5C 		783 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7dbc4fec3a52f23897826c859ea44e9e0abb25baf03802b28badf9ed3492245f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DlEb2c7ZEWhOpnxAFE2OMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.sanook.com/

Response headers

expires
Mon, 14 Jun 2021 06:39:52 GMT
date
Mon, 14 Jun 2021 06:39:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DlEb2c7ZEWhOpnxAFE2OMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 0BF5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 06:35:25 GMT
8f062114d3
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=13583&ref=https://www.sanook.com/&be=3288&fe=13520&dc=3440&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1623652778775,%22n%22:0,%22f%22:982,%22dn%22:983,%22dne%22:983,%22c%22:983,%22s%22:993,%22ce%22:1613,%22rq%22:1613,%22rp%22:1822,%22rpe%22:2026,%22dl%22:1826,%22di%22:3439,%22ds%22:3440,%22de%22:3440,%22dc%22:13519,%22l%22:13519,%22le%22:13524%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3628474863181208&bg=!3t2l3ZnNAAY6sG-_OrA7ACkAdvg8Wn6mIM6L-frYZt_y-GCS-4ny5olo6xiyU0Yc_jKsAME3rTyWHgIAAABuUgAAAA1oAQcKAGTAXoDzuh9WaGttXvp9_S7Wky5-rU4ZLSXdqIIUO8eA-V10p3JgFDmGkuIE0CEku7rzCAe1JmvSWNn588xoMz-fHx4uZ_lf6_VZNrgteNQ3rFOF9ToNx-He3tItLggpYw270pavmQJzRH16QDVoii1wviQXQLHrcw5ypPckYEjZSAIZ_xj8dzPMOyAbhrRybeL0hjFuJDeJVayR_j774ws0x-pxgXk37Foi2azv0kUuokAzfHx7S73ZGXFXzHT9xcsS4RlGkkBiY2Y1mqstUzcXKLvmDbKtS5sJ9T86STGOYLtu9S7UalUM41sSXhy9-hFwkueg3og2y2xyZYJkKABKtFuavlow3Blu_0A1h9CB4OXLrha3FbTdxTLW0REsrKUNTUOYd-cxb05n-ET422i8-OdLwF9xF3p9OjuhCr5RQi18TESNDe72WXJszTDsZV7bCMso0w2EPotbYv4N-Mfg8TaQBRzuJTtHTp0nY3Ckykbf7YGFrkjX8gRSz1Bo46SojA53nPCpWeQXvrNZvG2zCXkz0Tay9Gi3-y5zCLEvsUPb7pC7BVwm9WhPnLp1X74yojyOpY-STwo_7suuM04TMm4BwuOcpUpGPIN8TtViuIAtDWinMFcDg1v8D5A7R32QdnCv76pgP9dxpggswcd-cM3Uhop2jw7ZeAcK9IOkvSjuVNbIR61kXzA6C-DyP2HY56QQh0_v5dhmf4JaTJX91FCG7TZgVtc2rZawsTkWr6dC6Qbh0UaK3RhsDx9zOrc2COqztQCvG-9t_smE-kDuNWszH8tQHBDRwCLaRhXj3Dw1L4fA7UZ7U_V9jnkh8WUCVJN3ymo5iuz-JGXzzKvHSvHobOMcN--_LgzDIXS9g-sCUq9S6Wf757hsGeYT4is7c4LmwMHTZ6ddHfMKi6tnRCVeOSYWGZ7pZ3IztQGNKdfA-s3z2Ka-KS19h5iF-4IAdqyXNKMqg8Jt
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 06:39:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/5c2ce1b90f5a5547af86098b9935ea82665f5fcb.d2cf53f0a65b4453ffa9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 10:03:40 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
93636
server
Lego Server
age
0
etag
W/"PSA-aj-0IhQ85x_cu"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2591997
x-nws-log-uuid
4975624820247977187
accept-ranges
bytes
content-length
33384
expires
Mon, 12 Jul 2021 10:03:38 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MzcvdG9jLXBzZCg3KS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0MzcvdG9jLXBzZCg3KS5qcGc=.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
f2ed9241a440bc1b08f354d1a3c75d3eaa4974d4892819b44ea84c77a582ca15

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 05:12:13 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6840578917867720387
accept-ranges
bytes
content-length
46478
expires
Wed, 14 Jul 2021 05:12:13 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/5c2ce1b90f5a5547af86098b9935ea82665f5fcb.d2cf53f0a65b4453ffa9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 05:30:27 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
2114
server
Lego Server
age
0
etag
"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
9036023080758449111
accept-ranges
bytes
content-length
1054
expires
Fri, 09 Jul 2021 05:30:27 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ 		3 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 06:27:47 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3433
server
Lego Server
age
154313
etag
"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
12897927455911766757
accept-ranges
bytes
content-length
825
expires
Wed, 07 Jul 2021 06:27:47 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 08:00:56 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Wed, 18 Sep 2013 05:33:33 GMT
server
Lego Server
age
0
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
372065263668376814
accept-ranges
bytes
content-length
14046
expires
Fri, 09 Jul 2021 08:00:56 GMT
/
notification.sanook.com/socket.io/1/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:9405/socket.io/1/?t=1623652799714
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.55 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
Software
/
Resource Hash
ada675e10605e1ab9b5e745ed8d69548009a8af1559359c590fe9accd58ef6bc

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Mon, 14 Jun 2021 06:40:00 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NjUvNC5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzEyLzE1NjQ0NjUvNC5qcGc=.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.109.191.116 Bangkok, Thailand, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
094809cf88308bfba92761f591a1b8a902a46c330bde3a6af664aa7025e03f30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 06:29:06 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14932867578088614479
accept-ranges
bytes
content-length
46991
expires
Wed, 14 Jul 2021 06:29:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2790933080886977&bg=!Tk2lTQnNAAY6sG-_OrA7ACkAdvg8WklpSuMloGQe7RH1l3ip7V3qSTsydFIu4clfjU4XsBh92Fz6LQIAAADQUgAAAA9oAQcKAH45jwgHM_Mb90jV7NmY3AFF3n8eCWB5CMyA54riQXPmvQvuSHOTo5sZqLo6a2tPHE7HLnGWcR755WhJk6f0mUdeFCpxamTLNnbKq8HZuFp_ulhJtn0slkfZnlhB5bVTohbyGpz64hV_0iySO9qwI-FXVTlNj-om6nEkye9c16iZAoO9WCukP-iEuQKIfGjndywpcf8FIV_V_dkr16g7XjoE67YEJlWEqh80h1z_Hik5zU5xaBR38uD29qdmBvuCl3l2CX-GVsKfMAvAp_ukN8pfby7kjruVRYtaRKnZ9J-Ok9WJAsMCIiYGYcP9LHB988SuFb55UKeE9WHf87UaMNPZw-UCMH5fEERy6rOwrBKwH2AXWwFetIBR4SfIwdrg05k1wG77Tu2kYYOS2pXf6pPKa2Y7Y1MStemt3loZW5eiwFbGPokvf4rNIaCyE-YT0SK64RlRslEbPbXnu72S550iGNeiHw2Qz-CONh-RZebMtlG0sWdMF3dKD736p7t1SeNsQ90s5KLGG-kktGOsfWCV7WdpZd7vrWDW8rIVQsl0YVzU-uObCrcLZm8CRgEBRDauTLnokRdlNVw395yeVCqf3cI2upsvJJM96W6yJpbCQUX2sKgE8P3IFvLcvBh-d4oaZkChDxO42eoypiNWL8ooaY3CzMmXbpyM2hvelCQ1KL1qC2pzgq0_bPE0nBYuQ2IDlzXMVvuSCz3REl0YiBfJmsP09PdX79mHGvkXD7XE3zzkr73gNoP7Qb533FOjOZnQm2jXlsOT_nhKcMLb_IYiRciD2QxgocGdcf5FazLRBm-VZdHGbbjMHH6XqrCYdH97jmHFJ-L9m5r4lZp1jQ0WpT63DigpIthlCby7pcO3w6JJIK6TgmdHI8gR3LW-uhFuxjEGcP7c8Qkng0TS3ha5zvFssSfHIPyj20Fk4IYe-ij-ZkCq0xywfNfka1vrzQh7e5h1tQ4Dz8JjgLZeg3iRRUbzeuol5yYmKUBhuSHQ93o1s3JHRDaIdCrJnA2h3vipJd9m
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiczLZDoF0CMucPobZlZr1TbohnIuSmSrZwAgIVES5nV_ESdOeqjdQ2T4DnAFxt6maCo7LUZShzuwj1Z7ZPsCTAuMUQmxc6Ja73K0CPgY&sig=Cg0ArKJSzF9HG-K6Wf7nEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=345054422&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&eosm=0&rst=1623652784358&dlt=0&rpt=406&isd=0&msd=0&esd=0&r=u
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTpSku7ys0IC6BlMZGCZhbehfo_6D7B7liMyb5soBflr7EnSQdZQUTkM5ktDZrS1grKSgjoh6goRERAtLxHwoicyWMXDOVv8c0LAY9sh4&sig=Cg0ArKJSzL3qYEkCZ9RVEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&eosm=0&rst=1623652784954&dlt=0&rpt=138&isd=0&msd=0&esd=0&r=u

Verdicts & Comments Add Verdict or Comment

490 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| objGTMInitialValue object| smiData boolean| GTMFirstLoad object| dataLayer function| getPage boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require string| deviceOS object| _izq object| PWT object| googletag string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| criteo_pubtag object| criteo_pubtag_109 object| Criteo object| Criteo_109 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| google_optimize function| _UA-8147095-6_sendHitTask function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| webpackJsonp object| _comscore object| innityDataLayer function| udm_ object| ns_p object| COMSCORE object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| _innity_wtl object| _innityoq object| V object| _iampt number| dz boolean| bG5f47736a47e7049801000002 string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB object| __NEXT_P object| next object| __BUILD_MANIFEST object| container undefined| _izAlt function| Izooto object| izConfig object| _izooto object| iframe function| __NEXT_PRELOADREADY boolean| isLottoContent object| __consolidated_events_handlers__ boolean| snBillboardPlaceholder object| _taboola string| DataCollectionObject function| datCol object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| scCGSHMRCache object| vttjs function| WebVTT object| Base64 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| billboardRefreshList object| msgData string| Ct string| At string| cd35 string| cd36 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| time_interval number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult function| calcTime undefined| width undefined| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter object| machine_rules function| isInteger number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy function| myTimer number| myVar function| isVisible number| randomval1 number| network1 number| network2 number| percent1 number| namemc function| bidadjust1 number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop function| andbeyonddisps function| addListenerMulti boolean| idleStates object| idleTimers string| pathurl12 number| geoindiablock function| callbackand0 function| $ function| jQuery object| adloox_pubint object| ignore number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| newflag number| diff number| flagnewone number| passivergptbillboard6 number| activergptbillboard6 number| time_refreshunitrgptbillboard6 number| nextnumberrgptbillboard6 number| passivergptSkyscraper3 number| activergptSkyscraper3 number| time_refreshunitrgptSkyscraper3 number| nextnumberrgptSkyscraper3 number| passivergptreca8 number| activergptreca8 number| time_refreshunitrgptreca8 number| nextnumberrgptreca8 number| passivergptrecb4 number| activergptrecb4 number| time_refreshunitrgptrecb4 number| nextnumberrgptrecb4 number| passivergptnative17 number| activergptnative17 number| time_refreshunitrgptnative17 number| nextnumberrgptnative17 number| passivergptthemead5 number| activergptthemead5 number| time_refreshunitrgptthemead5 number| nextnumberrgptthemead5 object| GoogleGcLKhOms object| google_image_requests object| SanookNotification object| io boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION

8 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMRUM3
Value: 3360c6f9b82760b3018898-7b8c-49f8-8689-7e0c4fe3fd7b
.casalemedia.com/ Name: CMST
Value: YMb5uGDG+bgA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b3018898-7b8c-49f8-8689-7e0c4fe3fd7b
.casalemedia.com/ Name: CMPS
Value: 3270
.casalemedia.com/ Name: CMPRO
Value: 1195
.casalemedia.com/ Name: CMID
Value: YMb5uNdybr8t6QrAAzEDgwAA
.pubmatic.com/ Name: PugT
Value: 1623652790
.pubmatic.com/ Name: PUBMDCID
Value: 3

31 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api info URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://www.sanook.com/
console-api info URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://www.sanook.com/
console-api info URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://www.sanook.com/
console-api log (Line 17979)
Message:
Country1CH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e73199f2f83d772c56fec2cf8254196.safeframe.googlesyndication.com
4b0dd50bdb0c7453493cce46dc16ab2b.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.u1sf.com
aud.pubmatic.com
avd.innity.com
avd.innity.net
bam.nr-data.net
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.izooto.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
graph.sanook.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
loadm.exelator.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
notification.sanook.com
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod.perf-serving.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.gumgum.com
s.amazon-adsystem.com
s.isanook.com
s.tribalfusion.com
sal.isanook.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tencentth-d.openx.net
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
p3.isanook.com
pagead2.googlesyndication.com
101.33.11.110
101.33.11.48
104.111.224.62
119.81.192.134
142.250.186.162
142.250.186.98
143.204.98.87
150.109.191.116
150.109.206.145
151.101.114.110
151.101.114.49
151.101.13.108
151.101.13.44
159.253.128.188
159.65.197.210
162.247.242.18
162.55.6.212
169.197.150.8
172.217.23.98
178.250.0.163
178.250.2.131
178.250.2.146
18.159.17.140
18.198.126.47
185.183.112.155
185.29.133.58
185.64.189.110
185.64.189.112
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.64.190.82
185.86.137.132
198.148.27.140
2.18.232.7
2.18.233.180
2.18.234.21
2.21.111.28
2001:4de0:ac18::1:a:2b
2001:678:cb4:bbbb::11
203.151.130.71
203.151.133.55
213.155.156.182
213.19.147.45
2606:4700:10::ac43:db6
2606:4700:20::681a:bd1
2606:4700::6812:c05
2606:4700::6812:d841
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9d
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.127.166.11
3.221.146.169
3.66.135.160
34.107.231.31
34.204.22.100
34.251.129.229
34.251.130.56
34.98.107.212
35.201.96.126
35.227.248.159
35.244.159.8
37.157.5.142
37.252.172.250
37.252.172.37
38.27.122.101
51.178.20.139
51.210.112.63
52.19.7.243
52.58.102.227
54.175.176.13
54.205.198.81
54.239.17.112
54.246.13.173
54.36.109.48
54.77.19.59
61.91.93.188
61.91.94.132
61.91.94.198
66.155.71.149
72.251.241.206
76.223.111.131
77.243.60.138
77.245.57.78
85.114.159.118
94.23.171.206
0127cac8cfdb7ae5b6b946ba0858e2ebd0b54ce2bd13c4b61bd0f5a932cfa475
03fa12fa32843f19fcffaa356e8b82cdf704911752768fa5aba13df48da80398
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
07aed17dc2f45a983f81b275c168d11b3fe762d356516f1bf571f1495225a7fa
0846e8a7f6f72652e8752abe4760606caf117bbf53b1644f11121b49d928f304
094809cf88308bfba92761f591a1b8a902a46c330bde3a6af664aa7025e03f30
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be44fe931e5afb75e5ea88fc0177f7a33d328265342cd67860cb89b5bae8dca
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112622e9973f370ad52d62bebb929e22e961f23fe6a1f55f99579d25fa24f79f
129aebf4097c510af9cf9234851278c2f663fd37b7cbd325bc4a9f87548d627c
13701a9edcbf0de7608478665d67de5afe837af2ffc4afcf4de8e5a4e420bbc6
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
148bc028ee534eb78733531d75f5ef9f2a03ced6a5cda3c840344454e8d326d5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b12197fe58095998769413b6fff5a1870807dcd93cff2fe1cb9aafc16ca3cb
172504758412f109abca85cd5bc1b38caa0757af099eaa2d60650010d504b011
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1c829c9313915d46081658224cf9eac0f339c0bde3ebd5849f170808c9724124
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
20e9dd5a44bfc6b252fc8aa780dd10f4f60eb0fa45fe3de96fcc81b963224b0c
212189c5b357c5593b6ad3a92ea86d57a7a0e04742f506ba6cb017b7769cbdfa
21ac164dba19539c49858d505a242ee9dbc760dd024a77a767ae8d6d5c2892c3
2295fbd4eed6fa5b0d775a17048a0f73e85c3a347bb384be7b427418cd453d23
24bb8195525e881e26e3b7cea3fda2681010204d5361e3fc784ae8e58973fe47
2605f455c564da350e89e78c1671e36180559e717367457a623253a9ac6172cd
28c9dee7d73d99d6c8060ffec9466505dfa7c20780a0b4351aa21d95c775d3bb
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f395f4fba1edd1dd7579e71e3b76a37b92062ed5d0fe3215edbb09a7f4c7ff9
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
344725aabe7fb186cba11aa89933fec8484e11a16327ace1c58692559061a0b9
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
392be8fc24902e49c54400eda11d69bb116c680d89df6c379197a1145eb1abad
3aa4c2e645269411c2461bf864e6cc7bc64cb1374bdefcbdf98f14e26d9ff0e0
3ac71c3ae051581f7cf3ecefdb030e36b15501920e0584c10a84167d516540ea
3c0f4bd24f819c687386793a6461563adcca1e5dbe158da308a1b7971fa63aca
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5b001f76b16c80d1b5178bd14102b851a8dd857278e72184057d1d5c3ea6dd
40baa072e8d2fda318d7997982fd82f709bc517e6ccded90d510f5cf0d694c74
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
45bf8bf9ae0a54cba6caf8b3a38604c5a29c5bdd352b936120987d1ed820bc18
4617643e09d30a80c8275fa327f71910e316eb47806987c55ab36dc2ce29ce2f
47e3fce67e64855fd3ac642f05d9ae116000277749f4ffea0f657132aa5bd293
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4937f429deda4a15ffebd97aa3490c62df9cc023a46a734a8021402b77cfa407
4996a083825c331e56e13372d3eb0660679a2c19b84032b9bcc6eb1e0792f569
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54b3f603da213bad02bc922242b5f3fb8395d4c82a67efdc0cd5ee69998d3b02
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56bf6c003da89bf70ce77f111c997190c8b1e660913d2f30418c3e8a73287288
56e6ed5bbbb9077c8bfdda4d8ca32afff6c7368bb1ade4a6f57ecf3a26df870c
57e28e694c91696bf8bd286156d133688d57d58ebb91f1c9ba13b2272e7943bb
5800186dfe1f045bf506a3981070d552a8d1da1d9ef16899e1987e57102e7092
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5b43d9136d2689ffdaa1aa4468624e6316027ac849d8392c02b7e33d56ba7583
5d49b7f3daa361234989dbf43745360f9424f7583998a847bde5a5398345efa3
5d9477366cf7148b4daf6b0eb2b6332bd1400eaee6fce91e24d349831ea6d8af
5f7f9ce51d6fab28e7b648cca7f32912866732ce7c0b9fbdce68447aa2d10c25
60fad079dc91b61a311881988011fcfee25a6f5e9899a937e6e7294c5bd0c442
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
64c7bc31e9e74ec9a07cf5c8aef00c5a6d276b9936331562385206f6b7dfae38
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
6641fbba44321ca6bbc3b7869ffb57abc001b66dd0d7cd57a265caf4ab1b1399
69ae381fc583e2b20139579ce777b6ebf7340f291485a59d8e5c89a87d4d86d8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6f449cb6e903f8e3ceaa9a6b7a0302dd23fec5db708e29c8035df6e008d00894
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
7569924baa6376bcb136dc7e5b3c39cab9f2f47de01eaf2bdf26962828fd9296
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7cc29533c25b61c96e2d461594788fbc15192bf0fc276f62a1e8cf3189441513
7cd9887504bab2d8ff316f4deace2c22bff76646a1f7d53600e97cb52aaa21a8
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7dbc4fec3a52f23897826c859ea44e9e0abb25baf03802b28badf9ed3492245f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40
808f3c02d6505b24bf51b011d778f5bff0293dbae9cd5629de180a9953033a98
80f32c724a3ad590cf7f4de8f379d1fd1e86d80bff928ff53ff77820617c048e
8106dcefdfc1dbf59c6ddb74ee59bdeeb3f7f82301bce352969088ce4a5270ea
8119f988043f5f63d08e8aeffbcf059e2b34e3a93ddeaba9fc89a4c109c95366
8254d406442f130ae4253d400abb50c2a7083b737757abd530d78480a69075d2
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840af75bc8b3a5fbc16c4871c3f1a15c95fa59abd76f2a6fbed17718e2c29884
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88098bfcf6d26f4e9a3d9bbfcd845907013e74d9bb6feda2e2eba998848c6f97
88f2cbc38757dd025f854f6045eb74647a12e8c1f7ab5d08f603adc3e4878701
899183b4106d8e70f496f94786d9a348af85bb3490917383b8c6b58100b8e435
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8bdc3a26b47deb625f4e0017f21daa2e5760ab2f8599c8f1e14ee1295bd0286b
8be382542ed03a42a70bb9e788d78dd433b12ba794217e6867347263e36d344c
8cf1d62280dd96d147f46d59f387e171a673769005a8923350dca6309d9f7e5e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
8f95d222e7d69ea62172fa291feb6c08c6842a3dd5ce2ad874d07e2499fed799
91126bd23024bcc95cf11e76e6536b93ac1d1ef6f2307bc611f97a0c929c1378
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
949b55a6243955874bb11a7ec835b30d1dc68ddc67a9282a12b5bc87eab0d0c8
95441ab1d14f5ff3b83ed2f068960a5cefb92f0c808b3464af0ca4a4b86ddd93
9675c0929ddb4f82ce9a3b465a5a6e7b3174860485f4b039a38584f85fae9738
969d47b6c2ce2bed1d31c26cf06b0d0855d265bce00899682a51afbd4358e253
98c05e23d14f3e41457323395f7527121c7a520233fc770ab0041d93ee6104b5
99b55458db648927887e86a12c2345c021fc20eab9dacaaa6ceab24e8e25b2c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c361370e5b93024f75c586ec20a5692f4a4e7dbe2ef15905b75cd47d74dfceb
9c646db15d1f36f36695b14ef0655382c474d16b5f7d9e82d2502a71faa3927d
9eab4bc0eec58056c3b00a50a62561731b2620c59302f501f34ba4de6421aa31
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a531b434701d61f81d8c01d369d309f34e49be29156ef432f0f4ff3e066a51ed
a87d98db8d2e625fb5c5a63b289373847b0729882d9f3b1efdfb0852dd8a7aa9
abbf25ca8051e1c2f7a6bb31935a853110ec6d4de643b03e140e23a6666a3114
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
ada675e10605e1ab9b5e745ed8d69548009a8af1559359c590fe9accd58ef6bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e6066fed10dd53bec2f9ba95885ec2165b1a204c6b9914d74a7a8ca974e40
b1eb6aaa7bf55df75bdcd750d41cbd945bd03691ece48655fb6a0a24c01574b4
b48e56b529a96f591d55b3ae8df03ac43e00bb4117c56fb388efd59c0d375cc9
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b73c6549f2066359e6be3ca77d90aa87d00522d6b4f31565b2541fa3a799703b
b7a52f3cb46e6fd7bc077e1ead202fa0df11bb8feed26db926a9dd17c55fdfbc
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc0fa65e660d3375e5c30ba37ba5e7c12284662ea62607a3ccd9bdeda332272b
bd6c3fb45b3ab487787672f998d74fa8c849149538e2aaa54a4c981bb42fd321
beb858aef93d8989b27a2cbc384480d19436c824a65478bb1c17d467eedec66f
bed19ef32432a609feca36d2bc6b49255d34674724d5c03ec4b790c4d73d550c
bf693376bfcfc1b85adad412d8ca798a23092967b57fa68f6109443572f15342
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c1f228b938fb722eb0ca1755ade87e3bf24147e0355643bf51145412f8e7d2dd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca5c8e95d7cb074b5374663535422239057fcaeade2b25b64d767582c9b7abb4
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cbb7f2eb63570173079762753e2a4a729ba18771d195dace43c73e39efdd02b9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d352065a6aecc621e043f3832548fcf0444c52509b761885caf4f137a3b8443c
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d49ca2ead03dd9310ff1873fd3f79aaed0432b266e9b78bdcdad3336429eb8c4
d50126f40941fdf368ad2735ddcca8de9736054b64452c8e167068d9ff3f7966
d5737c3b78bc7e3e590bd9955a0dde2d76b0ace243d312e53326bc2f9974a055
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da864b4fb1600ad5ae6491b5e72adcf63432e8543bea02beb7266aa479771bb4
db31eac7ad43142e03b969a74fa78be17892646ceed26e2554adcdc7983894ce
dc8acdb75d8e5a18b6c02d03a842bf4383df926b7a4aad907614a037e5eaa277
dca1f4e2612b116221b7c2544644cf400809ec7a2e5c4d5f1b6569536eceba87
de018589e83964192bc0b93f0e5845f1b8522ba38e0b32f32eec0059fee05671
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df89dd8124d1fb8287620db7097cd5102c2a7c6a6c8e009c98300cd2f2de6086
e1dedc7a0bc38ce43c6c4eb58a9df2423ca7d1559987723c9bf3d552dfcda8f3
e23f696040c52a9654736ab6ae1be2e4c44359077c98268cbff6603646e6f40d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e476834cb4fa4c40da64dad7e1991dd0c6b2a24af88d1c4361fc4935eb1baa57
e498a2ebbfff35477db91350665710aa901d16336483a5cb9c2823e73b7e5394
e554d7dc776a263519791a4c215b1e9131fda067d36fbdc836200c1355c16785
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e74fa15fd75b8ab2088c6bd8ca2f26fc89722d61aa2839a24b4fda3a41ae8d0f
e780a58dc066f9b9b08bc1efe0e865b32fa193bafb4b2b2b3b2565ed9e8d007a
e8436467b72c413f99991d3952ef646b2c963da409bd728f83f86a479a0cbe74
eb62a61163d0dac1fbf6fa43e340ed872eca9ab1377ed4b15d4804de4a74086f
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ed1ba766fc90938edcf83a09e20470fe15a9fd042b6c84054f435a3356cc5951
ed40cd22625566ae2d59c2da002984922abc97f011ef058cfdb2a5e490b47723
ee08002d27020b166087a8214f6c79bc4637ef6b0a68d3ca3da2fad05a094046
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4e71e9a2ab98f6494be890955e6426a21459dd86f030cce59f05e61b9b5016
f0b002f3bbd864cec1fe3869c5add1468504ef19e6593bb5fb5c3a498c3edb9e
f2ed9241a440bc1b08f354d1a3c75d3eaa4974d4892819b44ea84c77a582ca15
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fad56732483348972eac113ba0633bb61bd78b87d1e44105728c8b836cd8ac47
fc10d7eea1377cfa037279bc552089af795c3520a72d7e701a0268b6a78bdf5e
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e
fe29c9328f906cd83f83f9079defa30819e9bcab8557d519f66d050f9499b39b
fec554dc67cf85228a5b76981f07b368a75d285eddd3d67f2537eb61fd6d9f10