urlscan.io logo urlscan.io
SecurityTrails logo

www.sanook.com Open in urlscan Pro
61.91.93.188  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sanook.com/
Effective URL: https://www.sanook.com/
Submission: On August 31 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 13 countries across 77 domains to perform 453 HTTP transactions. The main IP is 61.91.93.188, located in Thailand and belongs to TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH. The main domain is www.sanook.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 27th 2021. Valid for: a year.
This is the only time www.sanook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 61.91.93.188 7470 (TRUEINTER...)
75 61.91.221.32 38082 (IIT-TIG-A...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
4 150.109.91.55 132203 (TENCENT-N...)
1 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.45 132203 (TENCENT-N...)
3 203.151.133.6 4618 (INET-TH-A...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
9 142.250.185.226 15169 (GOOGLE)
5 104.108.144.214 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.66 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
5 9 142.250.184.194 15169 (GOOGLE)
17 142.250.185.130 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 3 13.224.93.76 16509 (AMAZON-02)
3 104.103.92.43 16625 (AKAMAI-AS)
1 203.151.133.5 4618 (INET-TH-A...)
6 185.64.189.112 62713 (AS-PUBMATIC)
6 178.250.2.131 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 11 185.33.220.244 29990 (ASN-APPNEX)
3 213.19.162.61 3356 (LEVEL3)
2 21 34.98.64.218 15169 (GOOGLE)
3 77.245.57.78 36057 (WEBAIR-IN...)
3 92.122.26.214 16625 (AKAMAI-AS)
3 23.209.68.8 16625 (AKAMAI-AS)
26 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 101.33.11.88 132203 (TENCENT-N...)
4 119.81.216.16 36351 (SOFTLAYER)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 88.221.7.65 16625 (AKAMAI-AS)
9 37 104.108.145.8 16625 (AKAMAI-AS)
2 104.108.144.200 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.106.253.167 59253 (LEASEWEB-...)
11 12 37.157.3.29 198622 (ADFORM)
2 2 213.155.156.167 1299 (TELIANET ...)
14 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
4 4 85.114.159.93 24961 (MYLOC-AS ...)
5 5 52.30.92.119 16509 (AMAZON-02)
17 40 172.217.16.130 15169 (GOOGLE)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 198.148.27.140 19189 (PULSEPOINT)
7 7 185.29.134.244 30419 (MEDIAMATH...)
2 185.64.189.114 62713 (AS-PUBMATIC)
3 3 51.79.83.225 16276 (OVH)
2 11 76.223.111.131 16509 (AMAZON-02)
2 2 52.30.14.23 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 169.50.137.190 36351 (SOFTLAYER)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
4 4 91.228.74.133 16509 (AMAZON-02)
3 3 35.157.53.20 16509 (AMAZON-02)
2 2 18.156.68.186 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
3 3 151.101.14.49 54113 (FASTLY)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 5 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 51.75.146.200 16276 (OVH)
1 52.209.129.133 16509 (AMAZON-02)
1 203.151.130.71 4618 (INET-TH-A...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
6 6 3.125.99.7 16509 (AMAZON-02)
2 34.96.105.8 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 64.202.112.31 22075 (AS-OUTBRAIN)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
6 185.64.189.226 62713 (AS-PUBMATIC)
1 34.249.175.116 16509 (AMAZON-02)
1 34.107.231.31 15169 (GOOGLE)
3 6 52.46.130.91 16509 (AMAZON-02)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 2 54.171.219.200 16509 (AMAZON-02)
1 2 18.233.75.25 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 54.209.33.59 14618 (AMAZON-AES)
1 1 34.193.59.132 14618 (AMAZON-AES)
1 1 52.86.210.192 14618 (AMAZON-AES)
4 5 69.173.144.139 26667 (RUBICONPR...)
3 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 151.101.13.27 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 203.151.133.54 4618 (INET-TH-A...)
453 88
4    61.91.93.188 (Thailand)

ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH)
PTR: 61-91-93-188.static.asianet.co.th
www.sanook.com
graph.sanook.com
75    61.91.221.32 (Bangkok, Thailand)

ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH)
PTR: 61-91-221-32.static.asianet.co.th
s.isanook.com
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    150.109.91.55 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p3.isanook.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    101.33.11.45 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
lvs2.truehits.in.th
3    203.151.133.6 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 6.134.151.203.sta.inet.co.th
sal.isanook.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
securepubads.g.doubleclick.net
ade.googlesyndication.com
5    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
googleads4.g.doubleclick.net
4    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ch
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
17    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    13.224.93.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-76.zrh50.r.cloudfront.net
sb.scorecardresearch.com
3    104.103.92.43 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-92-43.deploy.static.akamaitechnologies.com
avd.innity.net
1    203.151.133.5 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 5.134.151.203.sta.inet.co.th
api.u1sf.com
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
11    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
21    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
3    77.245.57.78 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
rtb-eu.andbeyond.media
3    92.122.26.214 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-26-214.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    23.209.68.8 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-8.deploy.static.akamaitechnologies.com
a.teads.tv
26    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    101.33.11.88 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
img-as.fsanook.com
4    119.81.216.16 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 10.d8.5177.ip4.static.sl-reverse.com
avd.innity.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    88.221.7.65 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-7-65.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
37    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com
2    23.106.253.167 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
code.nytive.com
st.yengo.com
12    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.167 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
14    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    52.30.92.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-92-119.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
40    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
7    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh
pixel.onaudience.com
11    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    35.157.53.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.156.68.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
5    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    51.75.146.200 (France)

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com
id5-sync.com
1    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    203.151.130.71 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 71.130.151.203.sta.inet.co.th
dc.sanook.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
34    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
6    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    34.249.175.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-175-116.eu-west-1.compute.amazonaws.com
global.cloud.netacuity.com
1    34.107.231.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
2    54.171.219.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    18.233.75.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-75-25.compute-1.amazonaws.com
um2.eqads.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    54.209.33.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    34.193.59.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
1    52.86.210.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
5    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    203.151.133.54 (Bangkok, Thailand)

ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH)
PTR: 54.134.151.203.sta.inet.co.th
notification.sanook.com
Apex Domain
Subdomains		 Transfer
82 isanook.com
s.isanook.com
p3.isanook.com
sal.isanook.com
1 MB
80 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
444 KB
53 googlesyndication.com
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
pagead2.googlesyndication.com
8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
240 KB
34 2mdn.net
s0.2mdn.net
383 KB
34 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
35 KB
34 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
t.pubmatic.com
280 KB
21 openx.net
tencentth-d.openx.net
eu-u.openx.net
us-u.openx.net
5 KB
14 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
9 KB
13 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
20 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
43 KB
12 adform.net
c1.adform.net
6 KB
12 google.com
www.google.com
adservice.google.com
2 KB
11 adsrvr.org
match.adsrvr.org
4 KB
10 googletagservices.com
www.googletagservices.com
338 KB
7 mathtag.com
sync.mathtag.com
4 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
5 KB
6 w55c.net
pm.w55c.net
5 KB
6 cloudflare.com
cdnjs.cloudflare.com
123 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 sanook.com
www.sanook.com
graph.sanook.com
dc.sanook.com
notification.sanook.com
48 KB
5 sitescout.com
pixel-sync.sitescout.com
2 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
5 bidr.io
match.prod.bidr.io
2 KB
4 quantserve.com
pixel.quantserve.com
2 KB
4 adition.com
dsp.adfarm1.adition.com
2 KB
4 innity.com
avd.innity.com
2 KB
4 google-analytics.com
www.google-analytics.com
59 KB
3 everesttech.net
sync-tm.everesttech.net
969 B
3 bidswitch.net
x.bidswitch.net
1 KB
3 crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
2 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 teads.tv
a.teads.tv
1 KB
3 andbeyond.media
rtb-eu.andbeyond.media
832 B
3 google.ch
adservice.google.ch
409 B
3 innity.net
avd.innity.net
13 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 google.de
www.google.de
235 B
3 criteo.net
static.criteo.net
39 KB
2 eqads.com
um2.eqads.com
563 B
2 demdex.net
dpm.demdex.net
2 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 blismedia.com
tr.blismedia.com
250 B
2 dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
285 B
2 turn.com
ad.turn.com
943 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
892 B
2 de17a.com
d5p.de17a.com
637 B
2 facebook.com
www.facebook.com
165 B
2 googleadservices.com
www.googleadservices.com
15 KB
2 facebook.net
connect.facebook.net
113 KB
2 truehits.in.th
lvs2.truehits.in.th
4 KB
2 googletagmanager.com
www.googletagmanager.com
97 KB
1 nr-data.net
bam.nr-data.net
278 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 rlcdn.com
id.rlcdn.com
66 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
383 B
1 advangelists.com
nep.advangelists.com
233 B
1 extend.tv
sync.extend.tv
546 B
1 bttrack.com
bttrack.com
380 B
1 adgrx.com
cm.adgrx.com
408 B
1 adlooxtracking.com
p.adlooxtracking.com
4 KB
1 netacuity.com
global.cloud.netacuity.com
437 B
1 jquery.com
code.jquery.com
30 KB
1 rfihub.com
a.rfihub.com
1 KB
1 e-volution.ai
rtb2-useast.e-volution.ai
233 B
1 travelaudience.com
ads.travelaudience.com
519 B
1 yengo.com
st.yengo.com
6 KB
1 googleapis.com
ajax.googleapis.com
30 KB
1 id5-sync.com
id5-sync.com
532 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 contextweb.com
bh.contextweb.com
815 B
1 smartadserver.com
rtb-csync.smartadserver.com
762 B
1 nytive.com
code.nytive.com
5 KB
1 fsanook.com
img-as.fsanook.com
56 KB
1 u1sf.com
api.u1sf.com
430 B
0 wbtrk.net Failed
um.wbtrk.net Failed
453 77
Domain Requested by
75 s.isanook.com www.sanook.com
s.isanook.com
46 cm.g.doubleclick.net 22 redirects eu-u.openx.net
googleads.g.doubleclick.net
www.sanook.com
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
34 s0.2mdn.net www.sanook.com
s0.2mdn.net
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
26 pagead2.googlesyndication.com securepubads.g.doubleclick.net
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.sanook.com
24 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
19 securepubads.g.doubleclick.net www.googletagservices.com
www.sanook.com
securepubads.g.doubleclick.net
16 tpc.googlesyndication.com 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 c1.adform.net 11 redirects ads.pubmatic.com
11 match.adsrvr.org 2 redirects ads.pubmatic.com
eu-u.openx.net
www.sanook.com
ssum-sec.casalemedia.com
11 ib.adnxs.com 4 redirects www.sanook.com
acdn.adnxs.com
googleads.g.doubleclick.net
10 eu-u.openx.net 1 redirects ads.pubmatic.com
eu-u.openx.net
10 www.googletagservices.com s.isanook.com
securepubads.g.doubleclick.net
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
9 www.google.com 1 redirects www.sanook.com
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 us-u.openx.net 1 redirects eu-u.openx.net
googleads.g.doubleclick.net
8 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
www.sanook.com
7 sync.mathtag.com 7 redirects
7 simage2.pubmatic.com ads.pubmatic.com
7 image2.pubmatic.com ads.pubmatic.com
6 ade.googlesyndication.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 t.pubmatic.com www.sanook.com
6 pm.w55c.net 6 redirects
6 cdnjs.cloudflare.com s0.2mdn.net
6 googleads4.g.doubleclick.net www.sanook.com
6 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
6 js-sec.indexww.com ads.pubmatic.com
ssum-sec.casalemedia.com
6 bidder.criteo.com www.sanook.com
static.criteo.net
6 hbopenbid.pubmatic.com www.sanook.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 pixel-sync.sitescout.com 5 redirects
5 match.prod.bidr.io 5 redirects
5 ads.pubmatic.com s.isanook.com
ads.pubmatic.com
4 pixel.quantserve.com 4 redirects
4 dsp.adfarm1.adition.com 4 redirects
4 avd.innity.com avd.innity.net
www.sanook.com
4 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 gum.criteo.com 2 redirects static.criteo.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sanook.com
4 p3.isanook.com www.sanook.com
s.isanook.com
p3.isanook.com
3 pixel.rubiconproject.com www.sanook.com
3 sync-tm.everesttech.net 3 redirects
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 a.teads.tv www.sanook.com
3 htlb.casalemedia.com www.sanook.com
3 rtb-eu.andbeyond.media www.sanook.com
3 tencentth-d.openx.net www.sanook.com
3 fastlane.rubiconproject.com www.sanook.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.ch securepubads.g.doubleclick.net
3 avd.innity.net p3.isanook.com
avd.innity.net
www.sanook.com
3 sb.scorecardresearch.com 1 redirects p3.isanook.com
www.sanook.com
3 mug.criteo.com www.sanook.com
3 www.google.de www.sanook.com
3 sal.isanook.com www.sanook.com
3 static.criteo.net www.sanook.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 b1sync.zemanta.com 2 redirects
2 tr.blismedia.com 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 acdn.adnxs.com ads.pubmatic.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 graph.sanook.com s.isanook.com
2 www.facebook.com www.sanook.com
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 connect.facebook.net www.sanook.com
connect.facebook.net
2 lvs2.truehits.in.th www.sanook.com
2 www.googletagmanager.com www.sanook.com
www.googletagmanager.com
2 www.sanook.com 1 redirects
1 notification.sanook.com www.sanook.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.sanook.com
1 id.rlcdn.com www.sanook.com
1 ads.yahoo.com www.sanook.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 nep.advangelists.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.extend.tv 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 p.adlooxtracking.com www.sanook.com
1 global.cloud.netacuity.com www.sanook.com
1 code.jquery.com www.sanook.com
1 a.rfihub.com 1 redirects
1 rtb2-useast.e-volution.ai 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 st.yengo.com code.nytive.com
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 dc.sanook.com www.sanook.com
1 id.crwdcntrl.net www.sanook.com
1 id5-sync.com www.sanook.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 code.nytive.com www.sanook.com
1 8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 image6.pubmatic.com ads.pubmatic.com
1 img-as.fsanook.com www.sanook.com
1 api.u1sf.com s.isanook.com
1 stats.g.doubleclick.net www.sanook.com
0 um.wbtrk.net Failed 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
453 114
Subject Issuer Validity Valid
*.sanook.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-27 -
2022-06-27		 a year crt.sh
*.isanook.com
DigiCert SHA2 Secure Server CA		 2020-09-14 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
lvs2.truehits.in.th
Sectigo RSA Domain Validation Secure Server CA		 2021-02-12 -
2022-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-06-10 -
2021-09-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.u1sf.com
DigiCert SHA2 Secure Server CA		 2020-01-21 -
2022-03-16		 2 years crt.sh
*.google.ch
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2021-02-22 -
2022-03-26		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.fsanook.com
DigiCert SHA2 Secure Server CA		 2019-09-19 -
2021-12-22		 2 years crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
nytive.com
R3		 2021-08-21 -
2021-11-19		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
yengo.com
R3		 2021-08-21 -
2021-11-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.cloud.netacuity.com
Amazon		 2021-04-11 -
2022-05-10		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-05 -
2022-06-06		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 49 frames:

Primary Page: https://www.sanook.com/
Frame ID: BAA0078C323B19174D38FA6FA62AE887
Requests: 184 HTTP requests in this frame

Frame: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Frame ID: 487F4427C12AD6F8C9A2FDA261FF893C
Requests: 2 HTTP requests in this frame

Frame: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6698F1CD6DDAB64E3373EB09C4FAAB9D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1209A2E3F007EB8D08B8E174028C3AB9
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 21999B9ADD88300FDEC63B34814DA8BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 71CC49BE4C409243D596E584F6852890
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyqgJ_ew830jpaVOHJMEMvzh8et_TiywryNkbpmSgy9uuyp5-oUZ4OuIGXtYiqyF3DgGbO2ZDGa5VyNslkyCKXHfJKl16_N8oMOayI95YUhuSTmziTJakvvw1HsY0syCNtC3wZ-AQwyfT1GGMxnVjhlE-_EOb1Esn1bthfazQUZWX1R77t1fQ3xyyNT68itwX7iM4wy1YCuTYNMzFSJgsYFyEOhay7XWl_JGz_Gt78YRmjLOfBnSKUp-jdKPhLARB4y18uqmcZPV9GPvz70Z9bX_MZtwa9qK95pdHqQbbZXu1-UztruOJ0FkFp-lnDD8eEQlBgBWzRUkxYB5OcGmGsmUNv-r0n&sig=Cg0ArKJSzDV01B2A7dc8EAE&urlfix=1&adurl=
Frame ID: CF80EF5F9F4AB471F292DB06141C6D62
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIVgT0RcQ6Ob6VdM7UhIgp1rnyjXi-o4EfID-0NIj_41iKQnDUdKPZmSin11340V99piZaThxw4tLub-Oeh_RuKwAYG7RIb0e6DXUcbURCHRtM-alXlQSDGeeKvaqNcfWIGwLvdGka-_mh1qGTNr1p3Uc3Y-PTOjHs3nnqzJ-lgN-pKxlOikyfUzxLDPDjFZG2DYOCuvXWcsPtFQsVFtOo9bzNR51w1Nm1zo-LGQyip6ACQgdjFNu7zke4OiXwMd4HPP3HSJsbI07bAC1XTLR-SQVMtx1qhHcQNEJ7dFqKf2dbeEF9WWa665sN4IxXff9oDUxssi6RYCK590axj6KH2hFd&sig=Cg0ArKJSzD4-Dw3V2i28EAE&urlfix=1&adurl=
Frame ID: DCE169BFC5B77E52FC7D56CB9570BCE2
Requests: 12 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 3DE3CBBF203D984564178B6A5FD71A75
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4C7233811D383966D79BAF0367EDDE76
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A5A2B2BB3E6EA9DFED6BDCC6AD5F8D6F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 080FECCADB17E7C2E2DDB09402853E60
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: 661B713C3617D7F957AF166B2D9955F5
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Frame ID: FA9241DB0DD97DE15A378411CD9F9A48
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 81659A7AB26DCE99F74C18B54A42A693
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 62D98A9A43ED9281436B3E0D8CC891C9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E8F9DD43A1AB9690D413C4962D805688
Requests: 3 HTTP requests in this frame

Frame: https://8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9D8CBD6D5931ABF348D6992410BE8870
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHuVC_HU6rrBJr79AKQlSUCiNomFiKG58JSXjO7FoZyCqlWLqwILIyEswJXt8xMT0BXtC9O0v7x6gCrYO2O3h4ksAHAPs-Zk34u9Wcni0E0s71MDeiZaN0zd0Brwu9mFg2B4zGi_Kp83DqYepBfkVoTzDLthW4G4H66HLA8oGgvRRKx7EssoqNp12gQ51yl5eRjrIFlQ0uy1N1p_W0UmXob3osTZWnCoa-3ozRdvQ7sE4LTpiJZZagAeXCn_2KPaIj8JG1_cFbcb1hGLaSuP2R25VpI3TlJkpaknj3ybB8HYhIf826punj7SpE03XqtXAkLKw0AfIS3oOhU72sw2px&sig=Cg0ArKJSzEoabkbFGwiBEAE&urlfix=1&adurl=
Frame ID: A2272E5309276D2EE14D7868E01C352D
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
Frame ID: C340DD5AF8BD3712B8A2A3C60F7F1967
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
Frame ID: 2E87A8B98753D23A446A5656F116F0CA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 46A281BF235A02B7F141471EB13B6B14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
Frame ID: EB77583EF16D2FD65577F4CAFD6016B3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
Frame ID: E9ABC240B22E33C1330B98931D633045
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 93E3256B22EBCA97C25A9941CD8F3D23
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CEC58511C16A1815DA7717B873436347
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 80DF2C7CF476BBBE0C7F61385DD7253C
Requests: 10 HTTP requests in this frame

Frame: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 598EF1005FACE3840298137A9B27B1EB
Requests: 17 HTTP requests in this frame

Frame: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 204E38C020E31C427F77DF792A68FFAA
Requests: 16 HTTP requests in this frame

Frame: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1010AD4B6E98EC9667C8078DB148982
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste0omaaYhq1hJzQD4eGyKFuCcfmfl3AyDskYCG4QjSWMkoZITRXIGX00I28ZBiOiYvA5qN2r0pzbWbJykv_nkAs4uyLYNp5LZRPkrJX19uNRc_fGcfODogtPFrPsb2ydzm0ce-mlrgTbsB3A464Di8xJUovbQsTkJeBEG24qO6GNYOQC5zVwD9j85Cx-_N4_wQIWuU0TcW7kTui9UjI1AWyUJZ0mOyDJM3UB3nCOcEejcH269y-67Dtr_Nk5hSRD_nZ8zkf27yH55jygfXkSYPzDdulgIq7gMF07h6o-QacHyEZcE3df0ZKjiBhiY7&sig=Cg0ArKJSzALxmUod6f70EAE&urlfix=1&adurl=
Frame ID: 275802704A450E4E2C56C21FFB4E2D4C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
Frame ID: 036E0C2873E64361D6BCD82B20D1F7FC
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
Frame ID: 4C426EA3FDF7AF56A7460380E299A43B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Frame ID: 4A569A21618DF1C4E3255A326E405732
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Frame ID: D9971B89DE1B20E1267077E6CF9E1FFD
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Frame ID: BBCCB26E1BBE881539B15A2D1FDE0FFB
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 809C17176D2BA1C19DB4B08D97D84E65
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Frame ID: 84386A84EE51DFC3CC09A2D9FFE425B2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: CB5FCA0F6A4768C17F73579AD0577E03
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2A17B90A88F7D0AE65726EB10E1D8FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B32905632026FB31C401CD5F92BCA8E2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88C82613EF4B81A7B8E2AF7ECB631E1D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE00770CB2DA6FAB047A35DA252AC537
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED2E686D443DF862757AF3B9E3685630
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F2FCDCCCDE3285010791EC2EFEA9D1F
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 9E5CFD5FD49F2471929C2E8D19610D40
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Frame ID: 6003A372588C7DE4FE24A11BCE05A0CE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 228988B770E872971679DB8FDC193D13
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8442F337E057977859B38DA13525BF9F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sanook.com รวมข่าว ดูดวง หวย ผลบอล เพลง Joox เกม

Page URL History Show full URLs

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

453
Requests

99 %
HTTPS

30 %
IPv6

77
Domains

114
Subdomains

88
IPs

13
Countries

3919 kB
Transfer

12903 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sanook.com/ HTTP 302
    https://www.sanook.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=qJotYfmdDp3-gAfY3bXQDw&sscte=1&crd=&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgejqn-w3dcngieArq3NwdF0hgnVrNn7ZRs HTTP 302
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qJotYfmdDp3-gAfY3bXQDw&cid=CAQSKQCNIrLMuSiI2cFhMqVQ2_zuW04Ij25FjEC9Zszbo638LSGhMsrUtykT&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgeFS-HABM0z3-QXlezf7j_Oj8xyn7gHKBM&random=4172765724&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qJotYfmdDp3-gAfY3bXQDw&cid=CAQSKQCNIrLMuSiI2cFhMqVQ2_zuW04Ij25FjEC9Zszbo638LSGhMsrUtykT&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgeFS-HABM0z3-QXlezf7j_Oj8xyn7gHKBM&random=4172765724&resp=GooglemKTybQhCsO&ipr=y
Request Chain 78
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rHjwYHw1YURFeC80QjEvOHMzUUJGVmxHdVRrNFZkVGpCWjdRc2Vid3VnZ0lTbXdPVStnY216Zk9PcFhTenBDR3p3Yk9PVEhXVllGa2E2Q1ZpZGJlMDFBRWhUcW8wdkZhQVhDUmw3bkhqK1p6TU43RFZrbjZTSjdNMitRb1FndnQyOGE5WVVhaEsrTFdyZXJJN3F3OGttQ1NjOFN6YVgrZE80amlYaDVIRXh1aGF0c1ViSmdqWEhJSENnQzdSa2ZhTmIrQXZIckVUdUZWMjFBVzZHc3ZiVkRTUjRkRFlDRVZTRVNrUGE4OTZUWHFKcndRPXw&cppv=2
Request Chain 87
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Request Chain 189
  • https://c1.adform.net/serving/cookie/match?party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
Request Chain 190
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
Request Chain 192
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
Request Chain 193
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQjUwN0NXelVBQUJfMjEzNUdKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQjUwN0NXelVBQUJfMjEzNUdKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEB507CWzUAAB_2135GJw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3789399836749246788 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEB507CWzUAAB_2135GJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3789399836749246788%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=3789399836749246788&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEB507CWzUAAB_2135GJw&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eZaKfV3vTHiFf3cvdP3b0g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9af6612d-9aaa-4c00-8e24-3ecdc7594c9e
Request Chain 196
  • https://pixel.onaudience.com/?partner=214&mapped=79968A7D-5DEF-4C78-857F-772F74FDDBD2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=9663856f-13be-48e5-beb8-cdcfb4d2aed2&icm HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bb209183e0376a40857f0575835bae58 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2b89ad34cf5319e4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c28b0ed5ea&zcluid=2b89ad34cf5319e4&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN2Vcm78pn-mItrkXLhhEGI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c28b0ed5ea&zcluid=2b89ad34cf5319e4&zdid=1332
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzk5NjhBN0QtNURFRi00Qzc4LTg1N0YtNzcyRjc0RkREQkQy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn0YHfCJPJecDfp-Ap6yqs&google_cver=1
Request Chain 200
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4931868668745641719
Request Chain 201
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2405612d-9aaa-4800-8c42-afe043b205d9&gdpr=0&gdpr_consent=
Request Chain 202
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 203
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906231371083910880&gdpr=0&gdpr_consent=
Request Chain 204
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=79968A7D-5DEF-4C78-857F-772F74FDDBD2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=79968A7D-5DEF-4C78-857F-772F74FDDBD2&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mCP4yxZE2uW2DOr0BxpQ6.nHPBXRUPg-~A&gdpr=0&gdpr_consent=
Request Chain 206
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg
Request Chain 207
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=38d2ac4e-f67e-4e24-90db-79b4590d5930 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=38d2ac4e-f67e-4e24-90db-79b4590d5930 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3a26446b-14bf-4eee-99be-e6f59761b41e&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=38d2ac4e-f67e-4e24-90db-79b4590d5930&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 208
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2587956745768064457&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YS2aqgAET9oobQA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2aqgAET9oobQA4&gdpr=0&gdpr_consent=&_test=YS2aqgAET9oobQA4
Request Chain 211
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7106cd6f-7823-4339-a7b3-fe61ab32d230-612d9aab-4348&gdpr=0&gdpr_consent=
Request Chain 212
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b068359d-d711-46a6-9409-e547ba507215&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4
Request Chain 214
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HI_z5xPfoOEHjvbhHojstU-IorsHiaThH4lKCw4k
Request Chain 215
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Request Chain 220
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7bf612d-9aaa-4800-a572-e622d7ff8605
Request Chain 221
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EYGx_R7R4vsKgLT6EoGuqxeEtP0K0uaoF9EG0gAR
Request Chain 222
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Request Chain 226
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Request Chain 227
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MBqXnT9KxJsrG5KbM0iInT8cl5grHpWcYE2_-h0s
Request Chain 228
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Request Chain 271
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630378666857 HTTP 302
  • https://avd.innity.com/sync/?partner=appnexus&token=4906231371083910880&type=cookie&itmcb=1630378666857
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS2aqxPKzNt4XtY-WrqH5wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Request Chain 279
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS2aqxPKzNt4XtY-WrqH6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPB4OAyjFmeUUnZlk-3xGWY&google_cver=1
Request Chain 281
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNjIzMTM3MTA4MzkxMDg4MA%3D%3D
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqf59H9AvDAlbb9T2Ycobo&google_cver=1
Request Chain 283
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDczM2Y2NjMtMzNlZC0yMGE2LWZhNzMtOWUzZWU1YzVlM2Ji
Request Chain 328
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O_fx0lDYepga7VrLUXQfLXs_q68NiHjqbfehEau6rhH3Lvg4UxzjUw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O_fx0lDYepga7VrLUXQfLXs_q68NiHjqbfehEau6rhH3Lvg4UxzjUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R3h5WUJ3bW4xTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O_fx0lDYepga7VrLUXQfLXs_q68NiHjqbfehEau6rhH3Lvg4UxzjUw
Request Chain 329
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLqWeXnEXHubZaBH8TsLxa02M6v3iqBIFMs5HQaw02gcY3b7x2peDqxFUur7nBQdPaVMBmK0Vb3rpOfSqvCVdzcgSwdaJRO HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLqWeXnEXHubZaBH8TsLxa02M6v3iqBIFMs5HQaw02gcY3b7x2peDqxFUur7nBQdPaVMBmK0Vb3rpOfSqvCVdzcgSwdaJRO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
Request Chain 331
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2UEbEMTdBhLXBVv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTU3ODkwNA%3D%3D&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2UEbEMTdBhLXBVv
Request Chain 332
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq7EKB8qdZHpJtD4ZXvpgI&google_cver=1&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2-5YS4lF2PqKWP3rURpWUYf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2-5YS4lF2PqKWP3rURpWUYf
Request Chain 358
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfIDMxDmhSGchgV0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTc3NTUxMg%3D%3D&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfIDMxDmhSGchgV0
Request Chain 359
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAgyAa_S0BarNFXOFc-7vCw&google_cver=1&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp_b48wbheondd HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o1i2eV10TPmvaPRT0QJIkQ2&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp_b48wbheondd
Request Chain 361
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAbO20S_E3sTL5sr7ixQ07k&google_cver=1&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAbO20S_E3sTL5sr7ixQ07k&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI&google_hm=UU5iaVQxY19ERG0xa2hDT1RHQnE=
Request Chain 363
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMKfFtEGbJsqSM3313u_SPk&google_cver=1&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2NTA0NDE2NDUyNDQzNA== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2NTA0NDE2NDUyNDQzNA==&google_tc=
Request Chain 370
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_PGM7SPHd35mT78mJ0UgC3wgcJ8VgXiBjQ8QMrp-dm2joQIQfmXmTk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_PGM7SPHd35mT78mJ0UgC3wgcJ8VgXiBjQ8QMrp-dm2joQIQfmXmTk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REdFeHk5d2QxTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_PGM7SPHd35mT78mJ0UgC3wgcJ8VgXiBjQ8QMrp-dm2joQIQfmXmTk
Request Chain 371
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLdwc2N8H9KOTCG9NDoONE9_ryCnKeJC8S4Cq017sY75g63dOCV1xpDDXudIaHKFGKd4NCFVhQhptSEahUZP05tE2f8Two HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
Request Chain 373
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_OgtIvqZb0nkSq80 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc1MDAzNzY1Ng%3D%3D&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_OgtIvqZb0nkSq80
Request Chain 374
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq7EKB8qdZHpJtD4ZXvpgI&google_cver=1&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qhRiPECxA1Nvl_EUQVxVlA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qhRiPECxA1Nvl_EUQVxVlA
Request Chain 397
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Request Chain 399
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Request Chain 402
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=91A54A2B89424F30981705A958B2AEE8
Request Chain 403
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175
Request Chain 405
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 406
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Request Chain 407
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Request Chain 411
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5fb2c16d-6c85-485c-a083-95d397741119
Request Chain 412
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630465068
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Request Chain 416
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Request Chain 417
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Request Chain 419
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=yNKIHfZX1MkTYa5
Request Chain 420
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2587956745768064457
Request Chain 421
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b9c9670-6125-4a7a-adb7-66f9c64b1623
Request Chain 422
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=35ec8677-3483-4bcc-83f7-5a4a7bc52d5a&expiration=1661914669
Request Chain 426
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Request Chain 427
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEQ0TkstVC04SzhT
Request Chain 428
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zA0Uj8XYtaxqwVI_CFuwWw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2283188919631550807
Request Chain 429
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTYzOTk0MWVhZmI3M2M1OGQzZGNkNzQyMzkzZDU1MDA5OGJlMWY5OQ
Request Chain 430
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHD4NK-T-8K8S&sigv=1&esig=2~e85bf5e2ea0aa3acd09eaa2b5c4db80fbec56e0b
Request Chain 432
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YS2aqgAET9oobQA4
Request Chain 439
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=h7eo93xIaXZ6Ui8xd0p0MGY5cTV2MzIwTFp5Nk82U29SU3c0SHZGZm9UMGhyYjRKTG95eG5BaGtyL2VsaklCRTJiNmk5Z2VydXdjRVl6dWJOZndQV0RZdjdCVk8wZHhSRWh5OEt3d3FUV0x2bXVNVkpHdHNhVU9LSkoxRWcxQkgzSXc1Uk5YMjBMSEtTQmpGVDFnT3VHTmtEUTZzZ0Zxc0VRN3FwL05uellraUNXSWVmd2V5UFEybTl1YlNieHNQcmUyS3dyenppYStKMzY2eU5Xb1hiWTdnWGswTTVNR2lSS1MwdkpidjZRQTBSdUxqcEZIcU5MWWUrdmNBM1BMRkVoZytOdkU2aG0vMEFjTHRKU2lhMHRGWFBQUT09fA&cppv=2

453 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sanook.com/
Redirect Chain
  • http://www.sanook.com/
  • https://www.sanook.com/
637 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
683919f7aaba7013ff0166ff39a21ccc1eb71ee0b85a3b449ead469bfe2b0eb8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Host
www.sanook.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 02:57:42 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
SN-Cache-Status
HIT
X-Ua-Device
desktop
X-Ua-Type
human
X-Ua-Key
cover_display
X-Ua-Exp
notset
X-Ua-isExpReadpage
0
X-Ua-shouldPass
0
Content-Encoding
gzip
Strict-Transport-Security
max-age=15724800; includeSubDomains;

Redirect headers

Server
nginx
Date
Tue, 31 Aug 2021 02:57:42 GMT
Content-Type
text/html
Content-Length
151
Connection
keep-alive
Location
https://www.sanook.com/
Strict-Transport-Security
max-age=15724800; includeSubDomains;
styles.4af493dc.chunk.css
s.isanook.com/sr/0/_next/static/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/styles.4af493dc.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 07:57:52 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
35704
server
Lego Server
age
0
etag
W/"6127737e-8b78"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
12341050615372653304
accept-ranges
bytes
content-length
7388
expires
Mon, 27 Sep 2021 07:57:52 GMT
category.js.b1d1731c.chunk.css
s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/css/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js.b1d1731c.chunk.css
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:04:07 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
7115
server
Lego Server
age
0
etag
W/"6127737e-1bcb"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
12987570674931014206
accept-ranges
bytes
content-length
1665
expires
Sat, 25 Sep 2021 11:04:07 GMT
pubmatic_desktop.1.0.0.js
s.isanook.com/sh/0/js/ 		1 KB
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 20:51:59 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 16 May 2018 08:30:09 GMT
server
Lego Server
age
0
etag
W/"5afbec11-43f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5713919558987743926
accept-ranges
bytes
content-length
550
expires
Mon, 27 Sep 2021 20:51:59 GMT
publishertag.js
static.criteo.net/js/ld/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:43 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:03 GMT
server
nginx
etag
W/"6115450b-1d808"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Sep 2021 02:57:43 GMT
beacon.v1.js
p3.isanook.com/sh/0/js/ 		375 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/beacon.v1.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.91.55 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Nov 2013 06:56:15 GMT
server
Lego Server
etag
"5296e90f-177"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5277098712757459946
accept-ranges
bytes
content-length
266
spacer.gif
p3.isanook.com/sh/0/di/ac/vl/ 		0
0
FloatingIcon.png
s.isanook.com/sr/0/images/sport/events/paralympics2020/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/sport/events/paralympics2020/FloatingIcon.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
8ca84095025b024952aee1f4000a3ffa5dd0321987688526f57d926d90d179ba

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 07:22:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
"61277389-c868"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
x-nws-log-uuid
15739532262069081394
accept-ranges
bytes
content-length
51304
expires
Tue, 28 Sep 2021 07:22:58 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MDkvbXZhYy5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MDkvbXZhYy5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
9c72aa303d5b14f0eb7289690ebe463b67448d7e61538a442d425e5a11de492b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:12:02 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-krD63TGTHe"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3320880552939148609
accept-ranges
bytes
content-length
38575
expires
Thu, 30 Sep 2021 02:12:02 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MTMvbG9oZ2guanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MTMvbG9oZ2guanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
8f3c9fae9b303fb34d7fc193dc9a2307b50dcd43afb767094604a5c48534af41

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:58:45 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
3526204561711802000
accept-ranges
bytes
content-length
7754
expires
Thu, 30 Sep 2021 01:58:45 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4MTMvY29vay5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4MTMvY29vay5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
652c658744ae19c5d339857c6f5c63171790ffebd88e004304420de09bf859aa

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:09:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10498294732054125548
accept-ranges
bytes
content-length
6353
expires
Thu, 30 Sep 2021 01:09:58 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE2OTcvbWFuLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE2OTcvbWFuLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
a3f3aaff98cef996a5a71b9f0de8750194f863f78c75371eeb6f88b9c4773d24

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:07:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-DNDF0RhJSX"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6792993103796567035
accept-ranges
bytes
content-length
6919
expires
Thu, 30 Sep 2021 01:07:52 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3MjUvaHlqbWguanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3MjUvaHlqbWguanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
019ed424bb2625ab248108e111db35fa2da95fcb6835d22ced14c76d8bc46009

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:07:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-KxqlNw1QXM"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12090615849801840094
accept-ranges
bytes
content-length
7992
expires
Thu, 30 Sep 2021 01:07:52 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE1MDkvcHAuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE1MDkvcHAuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
5c504972d88eab944e441a523cc7be0b4971c917e062c2945b7985e32a40d330

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:09:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12547245026883505120
accept-ranges
bytes
content-length
5602
expires
Thu, 30 Sep 2021 01:09:58 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3ODUvZ29vZC5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3ODUvZ29vZC5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
02fa27e8e6261363e94334173b181f28171a7a408cb675bb6afbdcc4171d2769

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:09:58 GMT
x-cache-lookup
Cache Hit
x-original-content-length
7278
server
Lego Server
age
0
etag
W/"PSA-aj-2oZePouDNZ"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591873
x-nws-log-uuid
10977511189528922583
accept-ranges
bytes
content-length
6218
expires
Thu, 30 Sep 2021 01:07:52 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MTcvbGFzdC5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MTcvbGFzdC5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
546540b404881d7294e0a9e09c2804240136aaf660471a80b9d6ad9eba4a86ef

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:14:04 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7624587202254500697
accept-ranges
bytes
content-length
4547
expires
Thu, 30 Sep 2021 02:14:04 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4NjkvdmFjY2luZXMtMi5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4NjkvdmFjY2luZXMtMi5qcGc=.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
a1a9de5eac74e095af7e42b62dffd46475355dce7394be19aabdb25bec786087

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:09:58 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
3916
server
Lego Server
age
0
etag
W/"PSA-aj-fqJHPn06Bi"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591873
x-nws-log-uuid
6225578465792618826
accept-ranges
bytes
content-length
3292
expires
Thu, 30 Sep 2021 01:07:52 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3MTMvMTUuanBn.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE3MTMvMTUuanBn.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
c557b75e0f45a56d474eb1d879ffd3793ab94423f54b1dc7ca93f8187bdb0fda

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:35:30 GMT
x-cache-lookup
Cache Hit
server
Lego Server
age
0
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14154148094324074489
accept-ranges
bytes
content-length
3924
expires
Thu, 30 Sep 2021 02:35:30 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4MDUvcHM1KDEpLmpwZw==.jpg
s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w165h99/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4MDUvcHM1KDEpLmpwZw==.jpg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
4ed603a10ee80d79ada66fddaa5fa8eff203e3000608353de6c8497ceb3e7631

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:09:58 GMT
x-cache-lookup
Cache Hit
x-original-content-length
4283
server
Lego Server
age
0
etag
W/"PSA-aj-Uic-t4-daJ"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2591873
x-nws-log-uuid
17303263329017746365
accept-ranges
bytes
content-length
3600
expires
Thu, 30 Sep 2021 01:07:52 GMT
category.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		683 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/category.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e85c484f6c89adb2fa384c6a37acb03f6f9f50bd512cf2701c11922de364aef9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 12:51:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:01 GMT
server
Lego Server
age
0
etag
W/"6127737d-aaa96"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
1258228035066308141
accept-ranges
bytes
content-length
152217
expires
Mon, 27 Sep 2021 12:51:11 GMT
_app.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/ 		333 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
341208
server
Lego Server
age
0
etag
W/"6127737e-534d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4238247651946055637
accept-ranges
bytes
content-length
67792
expires
Sat, 25 Sep 2021 11:00:53 GMT
webpack-bf727a6e86cd493ae7aa.js
s.isanook.com/sr/0/_next/static/runtime/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6817
server
Lego Server
age
336
etag
W/"6127737f-1aa1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1876519478504003523
accept-ranges
bytes
content-length
3010
expires
Sat, 25 Sep 2021 11:00:53 GMT
framework.a8c446334694403b7af5.js
s.isanook.com/sr/0/_next/static/chunks/ 		136 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/framework.a8c446334694403b7af5.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:06:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
139444
server
Lego Server
age
0
etag
W/"6127737e-220b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10134451293944810893
accept-ranges
bytes
content-length
44575
expires
Sun, 26 Sep 2021 11:06:29 GMT
5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5e47f296327e8a1a9906ba09f75097b1698d8d51.6ee61761ec68b3509c52.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
6549
server
Lego Server
age
210
etag
W/"6127737e-1995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3667643810823699506
accept-ranges
bytes
content-length
2437
expires
Sat, 25 Sep 2021 11:00:53 GMT
40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
s.isanook.com/sr/0/_next/static/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/40a6c1b6bb6a3d42f91661f0560a3fe503d632ec.3b72f283b635eb4eacd3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
7663
server
Lego Server
age
0
etag
W/"6127737e-1def"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3624592844929278451
accept-ranges
bytes
content-length
2492
expires
Sat, 25 Sep 2021 11:00:53 GMT
5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a620b34399a1c67dbc88ce988e37ec431282bc2.f848520e63915f6f252c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
12810
server
Lego Server
age
310
etag
W/"6127737e-320a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8649014446087913110
accept-ranges
bytes
content-length
4700
expires
Sat, 25 Sep 2021 11:00:53 GMT
1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
s.isanook.com/sr/0/_next/static/chunks/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/1daddbe518133c024802cb6086a3af5f8dc433d0.b7595c8340c8fcd5e360.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 22:09:36 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-bdf4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
14655460402640989014
accept-ranges
bytes
content-length
17763
expires
Sun, 26 Sep 2021 22:09:36 GMT
5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
s.isanook.com/sr/0/_next/static/chunks/ 		151 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5a06b70ae33e96b53e8232bd260bc1b13eff74ad.03303b89d1895002b2ec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
154398
server
Lego Server
age
0
etag
W/"6127737e-25b1e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
43229800186751214
accept-ranges
bytes
content-length
44360
expires
Sat, 25 Sep 2021 11:00:53 GMT
f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
s.isanook.com/sr/0/_next/static/chunks/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f984ce8743817d99155f468bc01d17674342c98a.7a1a2b2083b0c66bf6e7.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
40871
server
Lego Server
age
0
etag
W/"6127737e-9fa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
7060254992693323798
accept-ranges
bytes
content-length
14025
expires
Sat, 25 Sep 2021 11:00:53 GMT
ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
s.isanook.com/sr/0/_next/static/chunks/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ae84cd41c73f67182b5244d1f0779236d441a25d.80991efe8bb1a9543cba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
519
etag
W/"6127737e-9d9c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15531507187788548378
accept-ranges
bytes
content-length
12704
expires
Sat, 25 Sep 2021 11:00:53 GMT
f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
s.isanook.com/sr/0/_next/static/chunks/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/f4870a16efa30f974ce772dc1cfd77d71e6f712b.313df431fe256f08a617.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
63750
server
Lego Server
age
0
etag
W/"6127737e-f906"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9792739777264833994
accept-ranges
bytes
content-length
18882
expires
Sat, 25 Sep 2021 11:00:53 GMT
4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/4a63ff3961ef6ae7bf4751d874a3909b599c6c33.f2ede5c6c7d27e1d37cf.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:12:02 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-49e1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
13285622015873022038
accept-ranges
bytes
content-length
5941
expires
Sun, 26 Sep 2021 13:12:02 GMT
abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
s.isanook.com/sr/0/_next/static/chunks/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/abfcd4e2fbe88066bb74ae719336e4784bea213f.06b2d8d4bdefedc62910.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
19676
server
Lego Server
age
330
etag
W/"6127737e-4cdc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4116422559226923518
accept-ranges
bytes
content-length
6652
expires
Sat, 25 Sep 2021 11:00:53 GMT
5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/5f9919215684809646a61de8f847b80ea40bf13f.25b32f2bf3ce9d3af029.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11793
server
Lego Server
age
330
etag
W/"6127737e-2e11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2896404196085969604
accept-ranges
bytes
content-length
3364
expires
Sat, 25 Sep 2021 11:00:53 GMT
296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
s.isanook.com/sr/0/_next/static/chunks/ 		281 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:12:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-463f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12786294504555390908
accept-ranges
bytes
content-length
51615
expires
Sun, 26 Sep 2021 13:12:01 GMT
059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
17987
server
Lego Server
age
0
etag
W/"6127737e-4643"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
4337852328104701737
accept-ranges
bytes
content-length
5387
expires
Sat, 25 Sep 2021 11:00:53 GMT
styles.e56987f829e6da55bdfa.js
s.isanook.com/sr/0/_next/static/chunks/ 		107 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/styles.e56987f829e6da55bdfa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:32:55 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
"6127737e-6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9561799128964473098
accept-ranges
bytes
content-length
107
expires
Wed, 29 Sep 2021 03:32:55 GMT
main-c4548a6c5259798ceb68.js
s.isanook.com/sr/0/_next/static/runtime/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 14:12:00 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:03 GMT
server
Lego Server
age
39363
etag
W/"6127737f-344f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
9984461584808463447
accept-ranges
bytes
content-length
4980
expires
Sun, 26 Sep 2021 14:12:00 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		251 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
13111436172735557842
accept-ranges
bytes
content-length
19861
expires
Sat, 25 Sep 2021 11:00:53 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
519
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15969184379518042200
accept-ranges
bytes
content-length
5447
expires
Sat, 25 Sep 2021 11:00:53 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:03:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13459
server
Lego Server
age
47641
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
10221076174075609859
accept-ranges
bytes
content-length
4584
expires
Sun, 26 Sep 2021 08:03:14 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11819
server
Lego Server
age
0
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14144287074245809667
accept-ranges
bytes
content-length
3870
expires
Sat, 25 Sep 2021 11:00:53 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		205 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
210380
server
Lego Server
age
0
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
16476495292775151288
accept-ranges
bytes
content-length
44835
expires
Sat, 25 Sep 2021 11:00:53 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:09:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
210
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
8162117491363162058
accept-ranges
bytes
content-length
4143
expires
Sat, 25 Sep 2021 11:06:03 GMT
e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
s.isanook.com/sr/0/_next/static/chunks/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/e5d67cc7fb9e57ec1a94d9d0e91d8f7dad6820d6.373763efdd431ed68264.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
34596
server
Lego Server
age
0
etag
W/"6127737e-8724"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6136396058507227710
accept-ranges
bytes
content-length
8098
expires
Sat, 25 Sep 2021 11:00:53 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
5823
server
Lego Server
age
335
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8885767508653664550
accept-ranges
bytes
content-length
2659
expires
Sat, 25 Sep 2021 11:00:53 GMT
62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
s.isanook.com/sr/0/_next/static/chunks/ 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/62494f545b0f5660c288bc7465bf323452d22e96.99c2898dcbff2a789c9c.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:09:35 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-72c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17372346481538653344
accept-ranges
bytes
content-length
5530
expires
Sat, 25 Sep 2021 11:09:35 GMT
13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
s.isanook.com/sr/0/_next/static/chunks/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/13a412d4f6bd19a220ad2c4dc17e4a3895606f9f.9198c675175b2807bbec.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
2c5306a77509c297d3639e90a840f4fa8cb467c628aed90870545690a2cd081d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:14:11 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-3374"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5949480358061237938
accept-ranges
bytes
content-length
3216
expires
Sun, 26 Sep 2021 19:14:11 GMT
_buildManifest.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/_buildManifest.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
6852
server
Lego Server
age
336
etag
W/"6127737d-1ac4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3989124143396428524
accept-ranges
bytes
content-length
1920
expires
Sat, 25 Sep 2021 11:00:53 GMT
oppa.js
p3.isanook.com/sh/0/js/ 		537 B
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/sh/0/js/oppa.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.91.55 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 17 May 2017 08:37:40 GMT
server
Lego Server
etag
"591c0bd4-219"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8441356887785076096
accept-ranges
bytes
content-length
363
db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
s.isanook.com/sr/0/js/izooto/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/js/izooto/db04b7e80825ebbe7211052ca9638d056f74acc8-1.10.0.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
f76ba127a1d68a303774ec473e346f2c66b932b3c884f403e784658ed9f4978b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:34:23 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:17 GMT
server
Lego Server
age
0
etag
W/"6127738d-2b236"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
12853207419442659456
accept-ranges
bytes
content-length
48177
expires
Mon, 27 Sep 2021 08:34:23 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60e0721a3cdf94041a9615341592e4bbf44a51c075e1b14b0d1fe90613f15777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47321
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Aug 2021 02:57:44 GMT
d0004449.js
lvs2.truehits.in.th/dataa/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lvs2.truehits.in.th/dataa/d0004449.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
9b1871a52c377b6ff44b2c86e0e0a7620654212ee38f10bbd1364b80a7ed34b7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:44 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
Last-Modified
Thu, 26 Aug 2021 07:02:00 GMT
Server
NWS_Oversea_AP
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
max-age=604800
X-Daa-Tunnel
hop_count=1
X-NWS-LOG-UUID
adb7c6e3-4327-4de5-8c34-69649eff3546
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2944
Expires
Tue, 07 Sep 2021 02:57:43 GMT
a102.js
sal.isanook.com/js/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/js/a102.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Last-Modified
Mon, 10 Aug 2020 09:23:14 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24035
Expires
Thu, 30 Sep 2021 02:57:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25996
x-xss-protection
0
pragma
public
x-fb-debug
mWsp+FKCwkOvxB0KEpktYpFxqC0O/VIZRuGrhET5sq/tTAeF2zQdNMDGle38MdkEdMD/tuk6SmwFnep7ShxPqg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 31 Aug 2021 02:57:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-sanook.svg
s.isanook.com/sr/0/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/logo-sanook.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:48:42 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:17 GMT
server
Lego Server
age
0
etag
W/"6127738d-1633"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
12284270076883398628
accept-ranges
bytes
content-length
5683
expires
Tue, 28 Sep 2021 01:48:42 GMT
wetv-g.svg
s.isanook.com/sr/0/images/homewetv/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/homewetv/wetv-g.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 12:06:44 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
5770
etag
W/"61277384-113a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
6058546746342911161
accept-ranges
bytes
content-length
4410
expires
Sun, 26 Sep 2021 12:06:44 GMT
covid-bg.png
s.isanook.com/sr/0/images/events/2020/covid2019/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/events/2020/covid2019/covid-bg.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:14:09 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:06 GMT
server
Lego Server
age
0
etag
"61277382-c8d"
content-type
image/png
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
18233760357360654672
accept-ranges
bytes
content-length
3213
expires
Wed, 29 Sep 2021 09:14:09 GMT
base-icon-v1.0.33.woff2
s.isanook.com/sr/0/fonts/icon/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/icon/base-icon-v1.0.33.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:49:24 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
0
etag
"61277381-886c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4258469163096089255
accept-ranges
bytes
content-length
34924
expires
Wed, 29 Sep 2021 08:49:24 GMT
SukhumvitReg.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitReg.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 03:43:56 GMT
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
0
etag
"61277381-7a90"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
7327485326473445716
accept-ranges
bytes
content-length
31376
expires
Tue, 28 Sep 2021 03:43:56 GMT
SukhumvitBold.woff2
s.isanook.com/sr/0/fonts/sukhumvit/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/fonts/sukhumvit/SukhumvitBold.woff2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f

Request headers

Origin
https://www.sanook.com
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:41:39 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:05 GMT
server
Lego Server
age
13916
etag
"61277381-7df4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
17554785492488111730
accept-ranges
bytes
content-length
32244
expires
Wed, 29 Sep 2021 03:41:39 GMT
goggen.php
lvs2.truehits.in.th/ 		91 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lvs2.truehits.in.th/goggen.php?hc=d0004449&bv=0&rf=bookmark&web=RVcOPx1%2bs4uCUeHU8%2bSudQ%3D%3D&bn=Netscape&ss=1600*1200&sc=24&sv=1.3&ck=y&ja=n&vt=1175CB4F.1&fp=d&fv=-&truehitspage=sanook.www.index&truehitsurl=https%3a//www.sanook.com/&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:44 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
P3P
CP=NOI DSP COR NID ADMa OUR IND NAV; policyref="/w3c/p3p.xml"
Cache-Control
no-cache
X-Daa-Tunnel
hop_count=2
X-NWS-LOG-UUID
fe47a424-7418-4d4f-b517-833b174ee8c4
Connection
keep-alive
Content-Type
image/jpeg
js
www.googletagmanager.com/gtag/ 		128 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7897bc9a4066b2205e3c1ded3a9abebeccdceac176a7caccf3ca3655a3a65a4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51718
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:44 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5125
date
Tue, 31 Aug 2021 01:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 03:32:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNXLXRS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
02729899e910c0a0a5fe129ddf1906312da5be7e415b1b2272d216385759b0a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14057
x-xss-protection
0
server
cafe
etag
2037397246640056080
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 02:57:44 GMT
js
www.google-analytics.com/gtm/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NBRLWV4&t=gtm4&cid=663412386.1630378664
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad0f0dd6d6e29b33f279524d57d46471b63cf0bfd85001b585afe6b6eefc642b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40514
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:44 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155976/781/ 		2 MB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
last-modified
Fri, 27 Aug 2021 04:49:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a0a4a-1d8e4b-5ca833535cea3"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=148664
accept-ranges
bytes
content-type
text/javascript
content-length
217378
expires
Wed, 01 Sep 2021 20:15:28 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=79632273&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=597465182&gjid=1632116403&cid=663412386.1630378664&tid=UA-8147095-6&_gid=1800834835.1630378664&_r=1&gtm=2wg8p0PNXLXRS&cd4=0&cd12=1630378664241.q4cahuix&cd22=firstpage&cd23=indexpage&z=1830296365
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/408516141/?random=1630378664258&cv=9&fst=1630378664258&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d407de092cd008466c2e659bc2bf89e54af2a1dd47f22e6f58b281233e9bd317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1059
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1007499765/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/1007499765/?random=1630378664261&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
83fafd02baa879d317f079c9d42e75653fd4966f3851732ff2785a75c3d30715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1007499765/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1007499765/?random=1630378664261&cv=9&fst=1630378664261&num=1&fmt=3&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-8147095-6&cid=663412386.1630378664&jid=597465182&gjid=1632116403&_gid=1800834835.1630378664&_u=aGDAAEACQAAAAC~&z=1608906810
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 Aug 2021 02:57:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/408516141/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/408516141/?random=1630378664258&cv=9&fst=1630375200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1313814067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/408516141/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/408516141/?random=1630378664258&cv=9&fst=1630375200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&async=1&fmt=3&is_vtc=1&random=1313814067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/1007499765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
  • https://www.google.de/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qJotYfmdDp3-gAfY3bXQDw&cid=CAQSKQCNIrLMuSiI2cFhMqVQ2_zuW04Ij25FjEC9Zszbo638LSGhMsrUtykT&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgeFS-HABM0z3-QXlezf7j_Oj8xyn7gHKBM&random=4172765724&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1007499765/?random=421208072&cv=9&fst=1630378664261&num=1&value=0&label=JxFSCKqXqfMBEPXztOAD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sanook.com%2F&tiba=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20&auid=290474165.1630378664&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=qJotYfmdDp3-gAfY3bXQDw&cid=CAQSKQCNIrLMuSiI2cFhMqVQ2_zuW04Ij25FjEC9Zszbo638LSGhMsrUtykT&eitems=ChEI8IOyiQYQiJqDxIm85_7aARIdAGVqYgeFS-HABM0z3-QXlezf7j_Oj8xyn7gHKBM&random=4172765724&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1489944661112333
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1489944661112333?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89312
x-xss-protection
0
pragma
public
x-fb-debug
ldKCjdNDdhjqVDI5V4BnIi36qxUjO6KcpQCkH/Tb6Sj32+duK3u2mmvy1K0iif24FmcPvCu9jj+t0Ii9sftrUg==
x-frame-options
DENY
date
Tue, 31 Aug 2021 02:57:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=663412386.1630378664&jid=597465182&_u=aGDAAEACQAAAAC~&z=775621153
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-8147095-6&cid=663412386.1630378664&jid=597465182&_u=aGDAAEACQAAAAC~&z=775621153
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sanook.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1608
date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sanook.com%2F&domain=www.sanook.com&cw=1&pbt=1
  • https://mug.criteo.com/sid?cpp=rHjwYHw1YURFeC80QjEvOHMzUUJGVmxHdVRrNFZkVGpCWjdRc2Vid3VnZ0lTbXdPVStnY216Zk9PcFhTenBDR3p3Yk9PVEhXVllGa2E2Q1ZpZGJlMDFBRWhUcW8wdkZhQVhDUmw3bkhqK1p6TU43RFZrbjZTSjdNMitRb1...
352 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rHjwYHw1YURFeC80QjEvOHMzUUJGVmxHdVRrNFZkVGpCWjdRc2Vid3VnZ0lTbXdPVStnY216Zk9PcFhTenBDR3p3Yk9PVEhXVllGa2E2Q1ZpZGJlMDFBRWhUcW8wdkZhQVhDUmw3bkhqK1p6TU43RFZrbjZTSjdNMitRb1FndnQyOGE5WVVhaEsrTFdyZXJJN3F3OGttQ1NjOFN6YVgrZE80amlYaDVIRXh1aGF0c1ViSmdqWEhJSENnQzdSa2ZhTmIrQXZIckVUdUZWMjFBVzZHc3ZiVkRTUjRkRFlDRVZTRVNrUGE4OTZUWHFKcndRPXw&cppv=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4fae7771c6196aa9af014cafb8b988bac37eaf12e6b50780bcfe3923a7be6f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 02:57:44 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2368
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 02:57:44 GMT
location
https://mug.criteo.com/sid?cpp=rHjwYHw1YURFeC80QjEvOHMzUUJGVmxHdVRrNFZkVGpCWjdRc2Vid3VnZ0lTbXdPVStnY216Zk9PcFhTenBDR3p3Yk9PVEhXVllGa2E2Q1ZpZGJlMDFBRWhUcW8wdkZhQVhDUmw3bkhqK1p6TU43RFZrbjZTSjdNMitRb1FndnQyOGE5WVVhaEsrTFdyZXJJN3F3OGttQ1NjOFN6YVgrZE80amlYaDVIRXh1aGF0c1ViSmdqWEhJSENnQzdSa2ZhTmIrQXZIckVUdUZWMjFBVzZHc3ZiVkRTUjRkRFlDRVZTRVNrUGE4OTZUWHFKcndRPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1674
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/pubmatic_desktop.1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
8f24bc39b121cdd2004a305481b02eee62f616f8ba1bdcd354e0147560c47311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 332 of 1000 / last-modified: 1630361820"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25577
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:44 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M0RYDTKBFK&gtm=2oe8p0&_p=79632273&sr=1600x1200&ul=en-us&cid=663412386.1630378664&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sid=1630378664&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0RYDTKBFK&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021082701.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Aug 2021 15:07:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119397
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		561 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sanook.com
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
209
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:44 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rHjwYHw1YURFeC80QjEvOHMzUUJGVmxHdVRrNFZkVGpCWjdRc2Vid3VnZ0lTbXdPVStnY216Zk9PcFhTenBDR3p3Yk9PVEhXVllGa2E2Q1ZpZGJlMDFBRWhUcW8wdkZhQVhDUmw3bkhqK1p6TU43RFZrbjZTSjdNMitRb1FndnQyOGE5WVVhaEsrTFdyZXJJN3F3OGttQ1NjOFN6YVgrZE80amlYaDVIRXh1aGF0c1ViSmdqWEhJSENnQzdSa2ZhTmIrQXZIckVUdUZWMjFBVzZHc3ZiVkRTUjRkRFlDRVZTRVNrUGE4OTZUWHFKcndRPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1411
date
Tue, 31 Aug 2021 02:57:43 GMT
content-encoding
gzip
vary
Accept-Encoding
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1489944661112333&ev=PageView&dl=https%3A%2F%2Fwww.sanook.com%2F&rl=&if=false&ts=1630378664728&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630378664727.1375978717&it=1630378664369&coo=false&exp=p1&rqm=GET
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 31 Aug 2021 02:57:44 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/beacon.v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-76.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 30 Aug 2021 13:22:42 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
48903
etag
W/"1827f116c73f319409b97f10b8a58ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
wjUPyN7-QD7XBSdh1pw2o9RrFlTMbUiVg_QjJdxp4oS8v0_igTKa-w==
container_57b51f2f1c51b15b6d1e8553.js
avd.innity.net/225/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/sh/0/js/oppa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Aug 2020 08:27:45 GMT
Server
nginx/1.18.0
ETag
"5f48c001-20eb-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=432573
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3217
Expires
Sun, 05 Sep 2021 03:07:18 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-76.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
fyD9Gl721pVhZQk37AFphi54i6FYZdw8OKUIWDIsPB1UYDq69xS4yQ==

Redirect headers

date
Tue, 31 Aug 2021 02:57:45 GMT
via
1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=14617386&ns__t=1630378665204&ns_c=UTF-8&cv=3.5&c8=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&c7=https%3A%2F%2Fwww.sanook.com%2F&c9=
content-length
433
x-amz-cf-id
UBr0jpr-dfGvCOeMPlxIE2waLchrNZqe1S51NoARBv7Tf7tpo76IxA==
/
www.facebook.com/tr/ 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryuzfHVArGetCIzBmI

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 31 Aug 2021 02:57:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
123e19f2.8e7e22347c3c27645b2d.js
s.isanook.com/sr/0/_next/static/chunks/ 		282 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/123e19f2.8e7e22347c3c27645b2d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
9d91412f3838ae54c49111850d6eba640acc2cc438202cf1ee73bce728600ad0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 09:55:38 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-5e0f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10991013808952501188
accept-ranges
bytes
content-length
77966
expires
Mon, 27 Sep 2021 09:55:38 GMT
a7e7d9dd.55546d0227557c116e7d.js
s.isanook.com/sr/0/_next/static/chunks/ 		276 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/a7e7d9dd.55546d0227557c116e7d.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:31:13 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
283103
server
Lego Server
age
0
etag
W/"6127737e-451df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2690025434770559361
accept-ranges
bytes
content-length
65434
expires
Wed, 29 Sep 2021 09:31:13 GMT
JooxPlayer.562c6a7a7301e93ec96a.js
s.isanook.com/sr/0/_next/static/chunks/ 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/JooxPlayer.562c6a7a7301e93ec96a.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 16:37:29 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-40bc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16592772299602496973
accept-ranges
bytes
content-length
90369
expires
Sat, 25 Sep 2021 16:37:29 GMT
hub.html
p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/ Frame 487F 		236 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.91.55 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c

Request headers

:method
GET
:authority
p3.isanook.com
:scheme
https
:path
/jo/0/mu/evt/_cross_storage/ex/hub.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

content-type
text/html
vary
Accept-Encoding
date
Tue, 31 Aug 2021 02:52:53 GMT
x-page-speed
1.13.35.2-0
age
292
accept-ranges
bytes
server
Lego Server
x-cache-lookup
Cache Miss Hit From Inner Cluster
content-encoding
gzip
cache-control
no-cache, max-age=0
content-length
186
x-nws-log-uuid
7417006991456516781
/
api.u1sf.com/geoip2/code/ 		160 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.u1sf.com/geoip2/code/?callback=jsonp_1630378665552_90922
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/059f517648083c4cc99dfdde6159ac5517e5e50d.80c231de7f2569350341.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.5 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
5.134.151.203.sta.inet.co.th
Software
/
Resource Hash
d56eab97646b7f1c11ee1e5d79be8e1aeacfa2807dc38ca7d37c28bbd4bc2780

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Tue, 31 Aug 2021 02:57:47 GMT
Age
0
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
public, max-age=900, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
160
31a159c4fa6f8938f35ee94a1a774cf4a0b4a748.16b36636532f43f22aec.js
s.isanook.com/sr/0/_next/static/chunks/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/31a159c4fa6f8938f35ee94a1a774cf4a0b4a748.16b36636532f43f22aec.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e43457f2ee97cc1168c20dac84650b80b94d1ab7e464acfd07e602ac05c9d24d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 01:18:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
0
etag
W/"6127737e-140c5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
15527375667586657381
accept-ranges
bytes
content-length
26099
expires
Wed, 29 Sep 2021 01:18:01 GMT
120.c55e6fcb72b6b47d2281.js
s.isanook.com/sr/0/_next/static/chunks/ 		220 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/120.c55e6fcb72b6b47d2281.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/webpack-bf727a6e86cd493ae7aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
3750dc9190c5f0f2190e1982999c45a5a64f76be5281139538e2a370a9344b6f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 07:31:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Mon, 23 Aug 2021 07:29:07 GMT
server
Lego Server
age
0
etag
"61234e43-3717a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8609027255549701118
accept-ranges
bytes
content-length
67879
expires
Wed, 22 Sep 2021 07:31:26 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads.json
s.isanook.com/sh/0/ad/ 		142 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/ad/ads.json?v=13586488
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:44:09 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 02 Nov 2020 03:55:07 GMT
server
Lego Server
age
0
etag
"5f9f831b-8e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17704229219813348425
accept-ranges
bytes
content-length
142
expires
Thu, 30 Sep 2021 02:44:09 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=3830888092
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=80643584232
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:44 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
latest.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/latest.json?1630378665553
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
f699d58ae53f35ebeaae462110a4f97bb5430753a9b0df8f766aa13db30b398e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
x-cache-lookup
Cache Miss, Hit From Inner Cluster
last-modified
Tue, 31 Aug 2021 02:45:00 GMT
server
Lego Server
age
0
etag
"612d97ac-74"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
10671979789174526481
accept-ranges
bytes
content-length
116
expires
Thu, 30 Sep 2021 02:57:45 GMT
ico-policy-2.svg
s.isanook.com/sr/0/images/icon/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/sr/0/images/icon/ico-policy-2.svg
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:42:52 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:08 GMT
server
Lego Server
age
0
etag
"61277384-3e2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-nws-log-uuid
4847512448413616295
accept-ranges
bytes
content-length
994
expires
Sun, 26 Sep 2021 13:42:52 GMT
/
graph.sanook.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Protocol
HTTP/1.1
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sanook.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
Access-Control-Max-Age
300
X-Cache
BYPASS
Vary
Origin
Access-Control-Allow-Origin
https://www.sanook.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
Strict-Transport-Security
max-age=15724800; includeSubDomains;
/
graph.sanook.com/ 		17 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graph.sanook.com/?operationName=getHomeHilightEntries&variables=%7B%22channels%22%3A%5B%22firstpage%22%5D%2C%22types%22%3A%5B%22content%22%2C%22poll%22%5D%2C%22categoryIds%22%3A%5B%7B%22channel%22%3A%22firstpage%22%2C%22ids%22%3A%5B794%5D%7D%5D%2C%22orderBy%22%3A%7B%22direction%22%3A%22DESC%22%2C%22field%22%3A%22STICKY%22%7D%2C%22first%22%3A15%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%226a056dc7f08c6d2e00ee86da7454619643df4a58%22%7D%7D
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/_app.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
61.91.93.188 , Thailand, ASN7470 (TRUEINTERNET-AS-AP TRUE INTERNET Co.,Ltd., TH),
Reverse DNS
61-91-93-188.static.asianet.co.th
Software
nginx /
Resource Hash
78279f887bda9593fd3bafa8f13c41f381804ff9a9a739001564a6c000da2f26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept
*/*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 31 Aug 2021 02:57:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
x-newrelic-app-data
PxQDWFFXAAATUVFSBAgEV1MTGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0tDTgcdB0hVBgQLVFNSVgJOGlMPAQQBEUkbVwVUUVBWBFIFAFoBAwBGTQRWXUQDOQ==
Server
nginx
Strict-Transport-Security
max-age=15724800; includeSubDomains;
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://www.sanook.com
Transfer-Encoding
chunked
X-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,XPURGE,Authorization
dc-script-v2.min.js
sal.isanook.com/dc/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sal.isanook.com/dc/dc-script-v2.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Last-Modified
Mon, 16 Nov 2020 11:46:30 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25278
Expires
Thu, 30 Sep 2021 02:57:45 GMT
cdb
bidder.criteo.com/ 		144 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=85660047399
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bbf7e93fd90794c3f5b38f89efdcea6cca757326c79d3f3853f82388729f3f26

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
149
integrator.js
adservice.google.ch/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=2415088692586221&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cuniversalb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630378665&dt=1630378665811&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=345054422&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c6b893e809ad60307bde80e3aefa1731f6fb631552fb0cd5cfb15737fe4a297e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7709
x-xss-protection
0
google-lineitem-id
5582840632
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138336206208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6698 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:57:45 GMT
expires
Wed, 31 Aug 2022 02:57:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=2339924452893275&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2CSkyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=130x445&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630378665&dt=1630378665823&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2209700283&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=132&ohw=130&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2ce8d485a178a8068cce921e915cbd68e389b2caa4453a6dd3c7bf401fd0df57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8336
x-xss-protection
0
google-lineitem-id
5774075937
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138361456060
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:45 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a8c64f81-df6c-4810-8248-d4de840acfeb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		376 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&rf=https%3A%2F%2Fwww.sanook.com%2F&tg_i.dfp_ad_unit_code=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Frecb&tg_i.pbadslot=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Frecb&tk_flint=pbjs_lite_v4.33.0&x_source.tid=a128eb10-3378-4171-a82f-f4b32ad89b99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9888623393455998
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
59744294205dbaa28a352be3d981d01fad1ffbb0541619f790f5c2325513e13d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
376
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a128eb10-3378-4171-a82f-f4b32ad89b99&nocache=1630378665836&aus=300x250&divIds=rgpt-recb-4&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
6981b6361b8b1e8f328b56a811a4f21fc0faef7fd9a1fd1de7f7d735712577bb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
cygnus
htlb.casalemedia.com/ 		25 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22176cc49c19928dc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221895d423c788e07%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f97c54cff7247704dab47f5b2cd44b9111d63985f590432f6d3f9bafa690826c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:57:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:57:45 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 02:57:45 GMT
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 26 Aug 2022 02:57:45 GMT
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:57:45 GMT
cygnus
htlb.casalemedia.com/ 		25 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22251c2bc3a2f471d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226fe02a1850b44f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221130x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1130%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2227aa8b1e91441b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221090x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1090%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228b60107c511257%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2229f42a67d140e1d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575405%22%2C%22sid%22%3A%221x1%22%7D%2C%22banner%22%3A%7B%22w%22%3A1%2C%22h%22%3A1%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1ee95fab5b193f1aefa0f7c0fa8bb2778c90e1935389c5a9cfef8927497e77b1

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:57:45 GMT
arj
tencentth-d.openx.net/w/1.0/ 		173 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97d39734-092c-4f52-ae89-e733f5c2e684&nocache=1630378665862&aus=1130x250%2C1090x250%2C970x250%2C1x1&divIds=rgpt-billboard-5&auid=542511408
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
a5903995800a43b2a2677fd1c38adfa9578d5b93a97dc7f8f0cb730e9e5b1cf9

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
rtb-eu.andbeyond.media/ 		32 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136923&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=57&alt_size_ids=221&rf=https%3A%2F%2Fwww.sanook.com%2F&tg_i.dfp_ad_unit_code=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard&tg_i.pbadslot=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Fbillboard&tk_flint=pbjs_lite_v4.33.0&x_source.tid=97d39734-092c-4f52-ae89-e733f5c2e684&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8084696882836908
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f4f18b9c60d7c7fd6bd906a77def5f79450922b924c3de127922428e28efed7d

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
386
Expires
Wed, 17 Sep 1975 21:32:10 GMT
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
entry.js
s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/San4Xsdy9aLUgv4S5czLl/pages/common/entry.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:13:34 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
59071
server
Lego Server
age
568
etag
W/"6127737d-e6bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
162574196395788352
accept-ranges
bytes
content-length
12437
expires
Sat, 25 Sep 2021 11:00:55 GMT
dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/dc9a8663c1eefa251dd550396c9e16229a3b5fba.827f1a69452106b0f878.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
256628
server
Lego Server
age
0
etag
W/"6127737e-3ea74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
8803726073867515510
accept-ranges
bytes
content-length
19861
expires
Sat, 25 Sep 2021 11:00:53 GMT
ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ab3892aacfceb4ef2a725033e958c965fa67f28e.02e73207f7dab7fbde40.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
519
etag
W/"6127737e-47b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5218848438032120997
accept-ranges
bytes
content-length
5447
expires
Sat, 25 Sep 2021 11:00:53 GMT
fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/fb98b1ff8c843897229594d0871fe7639edf6d86.fe5608beb7219774760b.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:03:14 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
13459
server
Lego Server
age
47641
etag
W/"6127737e-3493"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1970994378739718848
accept-ranges
bytes
content-length
4584
expires
Sun, 26 Sep 2021 08:03:14 GMT
36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/36f18939174bdec1174e6e4232aca37f2ac87597.8c7201dca81875cd9bba.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
11819
server
Lego Server
age
0
etag
W/"6127737e-2e2b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
2088058128214722960
accept-ranges
bytes
content-length
3870
expires
Sat, 25 Sep 2021 11:00:53 GMT
8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
44 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/8ab386d58aa3a665f05cabdf9944d29ddc817c3f.0dad4ce0315027f9003e.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
210380
server
Lego Server
age
0
etag
W/"6127737e-335cc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
6226731662703822022
accept-ranges
bytes
content-length
44835
expires
Sat, 25 Sep 2021 11:00:53 GMT
0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/0015fcc910c18fad36b943eeeb66e44dbf6e9ef9.e873317aa70e511fdce3.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:09:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Thu, 26 Aug 2021 10:57:02 GMT
server
Lego Server
age
210
etag
W/"6127737e-4114"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
15974510730383142028
accept-ranges
bytes
content-length
4143
expires
Sat, 25 Sep 2021 11:06:03 GMT
ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
s.isanook.com/sr/0/_next/static/chunks/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sr/0/_next/static/chunks/ed625dc825875053e87b8bdde60bbaaa766bbef4.1c26ec41cba2d9195163.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/runtime/main-c4548a6c5259798ceb68.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 11:00:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-original-content-length
5823
server
Lego Server
age
335
etag
W/"6127737e-16bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
1541215107825427002
accept-ranges
bytes
content-length
2659
expires
Sat, 25 Sep 2021 11:00:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=1532438510449641&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cnative1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=257x240&prev_scp=category%3Dall&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630378665&dt=1630378665880&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=1088&adys=1797&adks=2915779359&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=257x0&msz=257x0&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4250a5d715c7b1d241076b9ca29f66d5fed35c68395d1c7f0be6662437eef3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7954
x-xss-protection
0
google-lineitem-id
4748223303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138239996151
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1209 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70706
expires
Tue, 31 Aug 2021 22:36:11 GMT
date
Tue, 31 Aug 2021 02:57:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2199 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70706
expires
Tue, 31 Aug 2021 22:36:11 GMT
date
Tue, 31 Aug 2021 02:57:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 71CC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=70706
expires
Tue, 31 Aug 2021 22:36:11 GMT
date
Tue, 31 Aug 2021 02:57:45 GMT
vary
Accept-Encoding
arj
tencentth-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tencentth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.sanook.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=55d63054-9667-46c9-b9c0-8cb3e8dea808&nocache=1630378665893&aus=300x250%2C257x240%2C300x125&divIds=rgpt-reca-7&auid=542511420
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
ba6c7f9cfb8c2fe4d00038491b53c40fe52d17e59910c936779a23fa713d5d61

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.sanook.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:45 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7b6bdc3d-d68e-4275-97e7-eee8d75b9ef7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		376 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17864&site_id=385176&zone_id=2142876&size_id=15&rf=https%3A%2F%2Fwww.sanook.com%2F&tg_i.dfp_ad_unit_code=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tg_i.pbadslot=4899711%2Fwww.sanook%2Fdesktop%2Fall%2Findexpage%2Freca&tk_flint=pbjs_lite_v4.33.0&x_source.tid=55d63054-9667-46c9-b9c0-8cb3e8dea808&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22587588629476407
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5983d8d70fef3d5b1bd8f959351ee514557d58caf587777af8db3bc8844fc6c8

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
376
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.68.8 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-68-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sanook.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 31 Aug 2021 02:57:45 GMT
cygnus
htlb.casalemedia.com/ 		25 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=575406&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225230e9fa6407bf5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sanook.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.33.0%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2253627209bf4896a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22543693acc810ec8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22257x240%22%7D%2C%22banner%22%3A%7B%22w%22%3A257%2C%22h%22%3A240%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22551d6b04c672d28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22575406%22%2C%22sid%22%3A%22300x125%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A125%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0dbb7ca43641688ff6f07eb498ba9f69e6722a01b789fa2f33d9a5249618efb

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.sanook.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 02:57:45 GMT
hb
rtb-eu.andbeyond.media/ 		0
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-eu.andbeyond.media/hb?zone=136922&v=1.5
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.78 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://www.sanook.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
events
bidder.criteo.com/csm/ 		0
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sanook.com
date
Tue, 31 Aug 2021 02:57:45 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
dc.js
avd.innity.net/lib/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/lib/dc.js
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/225/container_57b51f2f1c51b15b6d1e8553.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 01:29:24 GMT
Server
nginx/1.18.0
ETag
"5fa203f4-51a4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=712414
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Wed, 08 Sep 2021 08:51:19 GMT
container_5f47736a47e7049801000002.js
avd.innity.net/261/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.net/261/container_5f47736a47e7049801000002.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.92.43 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-92-43.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 01:58:26 GMT
Server
nginx/1.18.0
ETag
"5f73e642-1eac-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=2244263
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2875
Expires
Sun, 26 Sep 2021 02:22:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sanook.com&host=www.sanook.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CF80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyqgJ_ew830jpaVOHJMEMvzh8et_TiywryNkbpmSgy9uuyp5-oUZ4OuIGXtYiqyF3DgGbO2ZDGa5VyNslkyCKXHfJKl16_N8oMOayI95YUhuSTmziTJakvvw1HsY0syCNtC3wZ-AQwyfT1GGMxnVjhlE-_EOb1Esn1bthfazQUZWX1R77t1fQ3xyyNT68itwX7iM4wy1YCuTYNMzFSJgsYFyEOhay7XWl_JGz_Gt78YRmjLOfBnSKUp-jdKPhLARB4y18uqmcZPV9GPvz70Z9bX_MZtwa9qK95pdHqQbbZXu1-UztruOJ0FkFp-lnDD8eEQlBgBWzRUkxYB5OcGmGsmUNv-r0n&sig=Cg0ArKJSzDV01B2A7dc8EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CF80 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:45 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIVgT0RcQ6Ob6VdM7UhIgp1rnyjXi-o4EfID-0NIj_41iKQnDUdKPZmSin11340V99piZaThxw4tLub-Oeh_RuKwAYG7RIb0e6DXUcbURCHRtM-alXlQSDGeeKvaqNcfWIGwLvdGka-_mh1qGTNr1p3Uc3Y-PTOjHs3nnqzJ-lgN-pKxlOikyfUzxLDPDjFZG2DYOCuvXWcsPtFQsVFtOo9bzNR51w1Nm1zo-LGQyip6ACQgdjFNu7zke4OiXwMd4HPP3HSJsbI07bAC1XTLR-SQVMtx1qhHcQNEJ7dFqKf2dbeEF9WWa665sN4IxXff9oDUxssi6RYCK590axj6KH2hFd&sig=Cg0ArKJSzD4-Dw3V2i28EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DCE1 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
899716bfc400834bce5f3eb44c40592045258adb4e2e2007ca29db21a9d3391e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 865 of 1000 / last-modified: 1630361820"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25577
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCE1 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:45 GMT
o_1feb6638319uled95a81uu1e9cb.png
img-as.fsanook.com/files/uploads/ads/dfp/20210830/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-as.fsanook.com/files/uploads/ads/dfp/20210830/o_1feb6638319uled95a81uu1e9cb.png
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
10b0fce30e085e2132b1450112e66746b7910bf04d62908e3927d00f4953077b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
last-modified
Mon, 30 Aug 2021 09:28:00 GMT
server
NWS_Oversea_AP
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
7de246a4-3a35-4707-8904-7a6a20adee92
accept-ranges
bytes
content-length
57363
expires
Thu, 30 Sep 2021 02:57:45 GMT
c
sal.isanook.com/sa/ 		35 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sal.isanook.com/sa/c?v=1&_v=j41&a=1595731818&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QAAAAAABC~&cid=1845398451.1630378666&tid=SA-8147095-6&cd4=0&cd8=b&z=1356936415
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.133.6 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
6.134.151.203.sta.inet.co.th
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35
Expires
Thu, 01 Jan 1970 00:00:01 GMT
2021-08-31.json
s.isanook.com/an/0/covid-19/static/data/thailand/daily/ 		40 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/an/0/covid-19/static/data/thailand/daily/2021-08-31.json?1630378665553
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
e60ac48927d19cd0d094b0cf8975002e16ff724daa8c4911d14e722a6cf61c1b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss
last-modified
Tue, 31 Aug 2021 02:45:00 GMT
server
Lego Server
age
0
etag
"612d97ac-a0e9"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
2687006054213004967
accept-ranges
bytes
expires
Thu, 30 Sep 2021 02:57:46 GMT
/
avd.innity.com/dc/cb/ 		59 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/dc/cb/?mt=_iampt._cbUC
Requested by
Host: avd.innity.net
URL: https://avd.innity.net/lib/dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
26bd871d831ffb51a378bc72b7d060f1097fa1cb699ad58e84f4f1e31e8c465e

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 02:57:46 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
application/javascript
Content-Length
79
Expires
Wed, 04 Aug 1985 12:59:00 GMT
hub.js
p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/ Frame 487F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/lib/hub.js
Requested by
Host: p3.isanook.com
URL: https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.91.55 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Lego Server /
Resource Hash
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e

Request headers

Referer
https://p3.isanook.com/jo/0/mu/evt/_cross_storage/ex/hub.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 18 Nov 2016 04:14:33 GMT
server
Lego Server
etag
"582e8029-1e6a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
7734057999258138369
accept-ranges
bytes
content-length
2483
pubads_impl_2021082701.js
securepubads.g.doubleclick.net/gpt/ Frame DCE1 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Aug 2021 15:07:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119397
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:45 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1209 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47436043&p=155976&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e80226245d66e241b8313f64e1aa60ed6cd0b224142e626d9afbbde80758b044

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
integrator.js
adservice.google.ch/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=2000907278749162&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Crecb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&prev_scp=category%3Dall&eri=1&cookie=ID%3D984c6d57bbf83d94%3AT%3D1630378665%3AS%3DALNI_Mb--uifLKFi__HZGYCmkE-kJZr_tw&bc=31&abxe=1&lmt=1630378666&dt=1630378666099&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=1045&adys=1463&adks=3963815495&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H-PgAKRsn7l_f6EbR3HYFiKPt72VF2OMCghQup03O_MR-2RttXA0qKVUw8asVrdXJ3BOzqPebqefIM75qhrXadAkuTYWNnCGZKuYCM6szwpogVXMaYrhw0%2CAGkb-H_IEqQdnOpyY5dk9TOGuPOt7bWZiwwhpjsrZDvCChdUEJwNxUfszmaCbegbZQ1h3mM1dIENa8I06V-_RXytax5VU4cYjyJSuKnIBJoW1CQ&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d2f6fa607839754794318ead9b1a6680c0eb6904008a1eca281700aafe09c229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8266
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=1782012823530582&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1130x250%7C1090x250%7C970x250%7C1x1&prev_scp=category%3Dall&eri=1&cookie=ID%3D984c6d57bbf83d94%3AT%3D1630378665%3AS%3DALNI_Mb--uifLKFi__HZGYCmkE-kJZr_tw&bc=31&abxe=1&lmt=1630378666&dt=1630378666109&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=255&adys=75&adks=397997913&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1090x-1&msz=1090x-1&psts=AGkb-H-PgAKRsn7l_f6EbR3HYFiKPt72VF2OMCghQup03O_MR-2RttXA0qKVUw8asVrdXJ3BOzqPebqefIM75qhrXadAkuTYWNnCGZKuYCM6szwpogVXMaYrhw0%2CAGkb-H_IEqQdnOpyY5dk9TOGuPOt7bWZiwwhpjsrZDvCChdUEJwNxUfszmaCbegbZQ1h3mM1dIENa8I06V-_RXytax5VU4cYjyJSuKnIBJoW1CQ&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=4&ohw=1090&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d8f33d6c740d94ec1551930b3c80a059580e9187f8f34cbd400af64e8a3e7c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8272
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 3DE3 		668 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
28bed26bca6f7b3086dbb2fa4de9654411a039ce2e7b163da3e3211e9b4d3651

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665; Version=1; Expires=Wed, 31-Aug-2022 02:57:46 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378666|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:57:46 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
eus.rubiconproject.com/ Frame 4C72 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhKa2thTZRUZWfOA1wr4D5O2rhQaqTCqCJieGkTxzCtT3GWjvGeUmnD2WgFA74oVwAuQddukl9VZaREB9KpwX7VvQxPcX9; ses57=; vis57=385176^1; ses15=; vis15=385176^1; khaos=KSZHD1XR-1V-63CY; audit=1|naVuGyos1qpE5E9Zt7xKWHp4/TMPY9Xw7TI8f3IMDXeS9DimUgOWq1nZjrHq0R7Zcpj76PKZXj/hk5WIOeCMzHFfTQMKoUsP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A5A2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 080F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 01 Sep 2021 02:57:48 GMT
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 661B 		668 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
28bed26bca6f7b3086dbb2fa4de9654411a039ce2e7b163da3e3211e9b4d3651

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665; Version=1; Expires=Wed, 31-Aug-2022 02:57:46 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378666|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:57:46 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame FA92 		668 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
28bed26bca6f7b3086dbb2fa4de9654411a039ce2e7b163da3e3211e9b4d3651

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=116f5fb6-ad76-009b-21a6-d2495c216f3b|1630378665; Version=1; Expires=Wed, 31-Aug-2022 02:57:46 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630378666|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 02:57:46 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ixmatch.html
js-sec.indexww.com/um/ Frame 8165 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 62D9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame E8F9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sanook.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 01 Sep 2021 02:57:48 GMT
Date
Tue, 31 Aug 2021 02:57:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
integrator.js
adservice.google.ch/adsid/ Frame DCE1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DCE1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sanook.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DCE1 		651 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4075307508800346&correlator=833756578578439&output=ldjh&impl=fif&eid=31062433%2C31062351%2C31062297%2C31062094&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=21863666334%2C55034_Sanook_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D984c6d57bbf83d94%3AT%3D1630378665%3AS%3DALNI_Mb--uifLKFi__HZGYCmkE-kJZr_tw&cdm=www.sanook.com&bc=31&abxe=1&lmt=1630378666&dt=1630378666161&dlt=1630378665931&idt=205&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1033481451&ucis=ukm3h7keapyv&ifi=1&ifk=2895095238&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&flash=0&nhd=1&url=https%3A%2F%2Fwww.sanook.com%2F&top=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=601946507&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2e584655c42356a89cf3ec1059cdd6ce82362711d2c016315e7ee86ddea8c672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45496
x-xss-protection
0
google-lineitem-id
5546075965
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138331849821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D8C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:57:46 GMT
expires
Wed, 31 Aug 2022 02:57:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A227 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHuVC_HU6rrBJr79AKQlSUCiNomFiKG58JSXjO7FoZyCqlWLqwILIyEswJXt8xMT0BXtC9O0v7x6gCrYO2O3h4ksAHAPs-Zk34u9Wcni0E0s71MDeiZaN0zd0Brwu9mFg2B4zGi_Kp83DqYepBfkVoTzDLthW4G4H66HLA8oGgvRRKx7EssoqNp12gQ51yl5eRjrIFlQ0uy1N1p_W0UmXob3osTZWnCoa-3ozRdvQ7sE4LTpiJZZagAeXCn_2KPaIj8JG1_cFbcb1hGLaSuP2R25VpI3TlJkpaknj3ybB8HYhIf826punj7SpE03XqtXAkLKw0AfIS3oOhU72sw2px&sig=Cg0ArKJSzEoabkbFGwiBEAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A227 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1819461917466331&correlator=2687005711405947&output=ldjh&impl=fif&eid=31062434%2C44749396%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=4899711%2Cwww.sanook%2Cdesktop%2Call%2Cindexpage%2Creca&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C257x240%7C300x125&prev_scp=category%3Dall&eri=1&cookie=ID%3D496273f4843922a9%3AT%3D1630378665%3AS%3DALNI_MauOhjxV-Z9hJR174OVQvWt3BGByg&bc=31&abxe=1&lmt=1630378666&dt=1630378666194&dlt=1630378663103&idt=1521&frm=20&biw=1600&bih=1200&oid=2&adxs=1045&adys=924&adks=2300844004&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.sanook.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H-PgAKRsn7l_f6EbR3HYFiKPt72VF2OMCghQup03O_MR-2RttXA0qKVUw8asVrdXJ3BOzqPebqefIM75qhrXadAkuTYWNnCGZKuYCM6szwpogVXMaYrhw0%2CAGkb-H_IEqQdnOpyY5dk9TOGuPOt7bWZiwwhpjsrZDvCChdUEJwNxUfszmaCbegbZQ1h3mM1dIENa8I06V-_RXytax5VU4cYjyJSuKnIBJoW1CQ%2CAGkb-H_0-dcGFa9K9jBiYRYIHMIpoMUSXJ25lv1o8LYtSMRHXCyJK25hwQWQXuO5Gg4gHhqHVzsigdRFVoQjC93fugmzosKa5XlYKZBVxc9yfSw&ga_vid=663412386.1630378664&ga_sid=1630378666&ga_hid=79632273&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
fac1513b7ed40bbc59f0102c2164689e1ff7ce4505d94f74c4b55b9613b1e4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8486
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame CF80 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40fa175491776aaf45eb26574cdb34ca6432219dab4d20fe5b3ec93577acda26

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CF80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKVM9B2mU4duO2ScpSQyPOKumN36aPpK7vRxi6V9v5tralq8KDZRPT9NwmBNrEYBKn5lh4BeifcKXhfOnkZT8O1lQSRlxlHN14JSL7odSTrGNzdCrBSuTY3ciQp-xbTqKL1Ws1tRN9OZaGd8bLLAQ1euzj5gNQzPqs3gOdYBH1JixrBthhFmWSDQljjb-DAfKvygVQQS0CJOF2HX3yTmpIhkHRuQBDazzDWYJLZ8sDoMub9oRyCR1AxBq4nkywYE5-ksgf_GWJURFeRD1M7YU7DukXS87I-fyrgphNZRp0sb3LLQR4IdWBCicDJEMEPgoSCETGqGMa9va_DoKm1BaUGTR3Uovn0M0&sig=Cg0ArKJSzG2fJJvuqx8ZEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:57:46 GMT
173345.js
code.nytive.com/data/ Frame A227 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.nytive.com/data/173345.js?async=1&div=DIV_NTV_173345_686&t=0.5243642164258158
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
0e2562b7d649b68d058c075e9b1c9cd4b9b33423967df4ac57d9e28197175f81

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
server
nginx
allow
GET, POST, HEAD, OPTIONS
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
access-control-max-age
1728000
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
4242
match
c1.adform.net/serving/cookie/ Frame C340
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4931868668745641719; expires=Sat, 30 Oct 2021 02:57:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 31 Aug 2021 02:57:46 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=79968A7D-5DEF-4C78-857F-772F74FDDBD2
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 30 Sep 2021 02:57:46 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2E87
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-2599667307121001504; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:46 GMT; path=/ PugT=1630378666; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:57:46 GMT; path=/
x-lat
lhrpug005:0:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2599667307121001504
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 46A2 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 31 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1437
date
Tue, 31 Aug 2021 02:57:45 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame EB77
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=79968A7D-5DEF-4C78-857F-772F74FDDBD2; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631664000%3A35%7C1631577600%3A71_21_161_56_22_220_13_54_81_3_8_55_166_7%7C1632960000%3A203%7C1630972800%3A2_15_223%7C1631232000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:57:46 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7002423050569578648; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:46 GMT; path=/ PugT=1630378666; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:46 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:57:46 GMT; path=/
x-lat
lhrpug014:0:339
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 31 Aug 2021 02:57:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7002423050569578648; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7002423050569578648
Pug
image2.pubmatic.com/AdServer/ Frame E9AB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQjUwN0NXelVBQUJfMjEzNUdKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFQjUwN0NXelVBQUJfMjEzNUdKdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEB507CWzUAAB_2135GJw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3789399836749246788
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEB507CWzUAAB_2135GJw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3789399836749246788%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=3789399836749246788&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEB507CWzUAAB_2135GJw&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
42 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_80=22987-CAESEGn0YHfCJPJecDfp-Ap6yqs&KRTB&16514-CAESEGn0YHfCJPJecDfp-Ap6yqs&KRTB&23025-CAESEGn0YHfCJPJecDfp-Ap6yqs; PUBMDCID=3; KRTBCOOKIE_1101=23040-7002423050569578648; KRTBCOOKIE_336=5844-2599667307121001504; KRTBCOOKIE_27=16735-uid:2405612d-9aaa-4800-8c42-afe043b205d9&KRTB&16736-uid:2405612d-9aaa-4800-8c42-afe043b205d9&KRTB&23019-uid:2405612d-9aaa-4800-8c42-afe043b205d9&KRTB&23114-uid:2405612d-9aaa-4800-8c42-afe043b205d9; KRTBCOOKIE_57=22776-4906231371083910880; KRTBCOOKIE_391=22924-4931868668745641719&KRTB&23263-4931868668745641719; KRTBCOOKIE_218=22978-YS2aqgAET9oobQA4&KRTB&23194-YS2aqgAET9oobQA4&KRTB&23209-YS2aqgAET9oobQA4&KRTB&23244-YS2aqgAET9oobQA4; KRTBCOOKIE_153=19420-BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg&KRTB&22979-BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg; PugT=1630378667
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 02:57:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAEB507CWzUAAB_2135GJw; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:51 GMT; path=/ PugT=1630378671; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 02:57:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 02:57:51 GMT; path=/
x-lat
lhrpug018:0:402
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 31 Aug 2021 02:57:48 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEB507CWzUAAB_2135GJw
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1209
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eZaKfV3vTHiFf3cvdP3b0g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78796
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 01 Sep 2021 00:51:02 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9af6612d-9aaa-4c00-8e24-3ecdc7594c9e
0
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9af6612d-9aaa-4c00-8e24-3ecdc7594c9e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9af6612d-9aaa-4c00-8e24-3ecdc7594c9e
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:44 GMT
mw
mwzeom.zeotap.com/ Frame 1209
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=79968A7D-5DEF-4C78-857F-772F74FDDBD2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=9663856f-13be-48e5-beb8-cdcfb4d2aed2&icm
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=bb209183e0376a40857f0575835bae58
  • https://spl.zeotap.com/?zdid=1332&zcluid=2b89ad34cf5319e4
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c28b0ed5ea&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEN2Vcm78pn-mItrkXLhhEGI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEN2Vcm78pn-mItrkXLhhEGI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c28b0ed5ea&zcluid=2b89ad34cf5319e4&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6872fe52ab815c14-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEN2Vcm78pn-mItrkXLhhEGI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c7b2d33b-af6d-4e04-7926-45109a67d244&reqId=5c235c31-eb3b-463b-7a00-42c28b0ed5ea&zcluid=2b89ad34cf5319e4&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Nzk5NjhBN0QtNURFRi00Qzc4LTg1N0YtNzcyRjc0RkREQkQy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:425
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn0YHfCJPJecDfp-Ap6yqs&google_cver=1
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn0YHfCJPJecDfp-Ap6yqs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGn0YHfCJPJecDfp-Ap6yqs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1209 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 30 Aug 2021 02:57:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4931868668745641719
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4931868668745641719
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:439
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4931868668745641719
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2405612d-9aaa-4800-8c42-afe043b205d9&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2405612d-9aaa-4800-8c42-afe043b205d9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:57:45 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:2405612d-9aaa-4800-8c42-afe043b205d9&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:44 GMT
generic
match.adsrvr.org/track/cmb/ Frame 1209
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
211
Pug
image2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906231371083910880&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906231371083910880&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:314
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5981e281-4be4-4b12-b375-1eedd3254e68
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4906231371083910880&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=79968A7D-5DEF-4C78-857F-772F74FDDBD2&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=79968A7D-5DEF-4C78-857F-772F74FDDBD2&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mCP4yxZE2uW2DOr0BxpQ6.nHPBXRUPg-~A&gdpr=0&gdpr_consent=
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mCP4yxZE2uW2DOr0BxpQ6.nHPBXRUPg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mCP4yxZE2uW2DOr0BxpQ6.nHPBXRUPg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
79968A7D-5DEF-4C78-857F-772F74FDDBD2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1209 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/79968A7D-5DEF-4C78-857F-772F74FDDBD2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg
42 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:431
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqAoYgnwe2QdoS1kBfU3P1SgKjUdqSpkU6Xn0UWg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=38d2ac4e-f67e-4e24-90db-79b4590d5930
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=38d2ac4e-f67e-4e24-90db-79b4590d5930
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=3a26446b-14bf-4eee-99be-e6f59761b41e&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=38d2ac4e-f67e-4e24-90db-79b4590d5930&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=38d2ac4e-f67e-4e24-90db-79b4590d5930&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:450
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=38d2ac4e-f67e-4e24-90db-79b4590d5930&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 31 Aug 2021 02:57:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2587956745768064457&gdpr=0&gdpr_consent=&us_privacy=
1 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2587956745768064457&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:49 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:416
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2587956745768064457&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2aqgAET9oobQA4&gdpr=0&gdpr_consent=&_test=YS2aqgAET9oobQA4
1 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2aqgAET9oobQA4&gdpr=0&gdpr_consent=&_test=YS2aqgAET9oobQA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:495
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630378667.915183,VS0,VE0
x-served-by
cache-fra19167-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS2aqgAET9oobQA4&gdpr=0&gdpr_consent=&_test=YS2aqgAET9oobQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1209 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=79968A7D-5DEF-4C78-857F-772F74FDDBD2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7106cd6f-7823-4339-a7b3-fe61ab32d230-612d9aab-4348&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7106cd6f-7823-4339-a7b3-fe61ab32d230-612d9aab-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:433
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7106cd6f-7823-4339-a7b3-fe61ab32d230-612d9aab-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1209
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b068359d-d711-46a6-9409-e547ba507215&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b068359d-d711-46a6-9409-e547ba507215&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:422
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b068359d-d711-46a6-9409-e547ba507215&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sd
eu-u.openx.net/w/1.0/ Frame 3DE3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=ab59612d-9aaa-4000-b780-7d364beb06b4
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 3DE3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HI_z5xPfoOEHjvbhHojstU-IorsHiaThH4lKCw4k
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HI_z5xPfoOEHjvbhHojstU-IorsHiaThH4lKCw4k
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=HI_z5xPfoOEHjvbhHojstU-IorsHiaThH4lKCw4k
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 3DE3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 3DE3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c2c360ef-04f1-3f6c-7b70-1aa138065cc6&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3DE3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVhY2IzMjUtY2Q4Ni02MWM4LTZlOTAtNDAxOGYyZTQ5MmE2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3DE3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A227 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfe0ebd574786d0d0a01eac1c12a0561382486b8cc8777790f94361c3019ba3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sd
eu-u.openx.net/w/1.0/ Frame FA92
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7bf612d-9aaa-4800-a572-e622d7ff8605
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7bf612d-9aaa-4800-a572-e622d7ff8605
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c7bf612d-9aaa-4800-a572-e622d7ff8605
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:45 GMT
sd
us-u.openx.net/w/1.0/ Frame FA92
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EYGx_R7R4vsKgLT6EoGuqxeEtP0K0uaoF9EG0gAR
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EYGx_R7R4vsKgLT6EoGuqxeEtP0K0uaoF9EG0gAR
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EYGx_R7R4vsKgLT6EoGuqxeEtP0K0uaoF9EG0gAR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FA92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FA92 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c2c360ef-04f1-3f6c-7b70-1aa138065cc6&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FA92 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVhY2IzMjUtY2Q4Ni02MWM4LTZlOTAtNDAxOGYyZTQ5MmE2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FA92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 661B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:57:46 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:45 GMT
sd
us-u.openx.net/w/1.0/ Frame 661B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MBqXnT9KxJsrG5KbM0iInT8cl5grHpWcYE2_-h0s
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MBqXnT9KxJsrG5KbM0iInT8cl5grHpWcYE2_-h0s
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=MBqXnT9KxJsrG5KbM0iInT8cl5grHpWcYE2_-h0s
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 661B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4931868668745641719
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 661B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c2c360ef-04f1-3f6c-7b70-1aa138065cc6&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 661B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVhY2IzMjUtY2Q4Ni02MWM4LTZlOTAtNDAxOGYyZTQ5MmE2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 661B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=37e95722-5599-4708-ac2b-c16016d6597d&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwoyJSDf4Tkl4pk_DBx3xY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4C72 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.7.65 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-7-65.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
62a73f1956665bbc0abb8d399d9f1e16ba4a0b6a9a98526c1cbf7f7d0ae7d388

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=54359
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9357
Expires
Tue, 31 Aug 2021 18:03:48 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 93E3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf7a570e79e856bc6758142010ebf9a1574788828a4e61baf0d55a8ce7e7d823

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|41|90|40|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1637
Expires
Tue, 31 Aug 2021 02:57:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMST=YS2arGEtmqwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:57:48 GMT CMRUM3=2d612d9aac05a0&29612d9aac05a0&f1612d9aac05a0&e6612d9aac2760&5a612d9aac05a0&27612d9aac0b40&da612d9aac2760&28612d9aac05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame CEC5 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d04f1633ccda8b6ae69614d710c26496ba47bd5d475c5b002a4c96c6c0c1cf18

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|156|152|65|3
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1645
Expires
Tue, 31 Aug 2021 02:57:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMST=YS2arGEtmqwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:57:48 GMT CMRUM3=9c612d9aac05a00&98612d9aac05a00&e6612d9aac2760&03612d9aac05a0&27612d9aac0b40&2d612d9aac05a0&f1612d9aac05a0&41612d9aac05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 80DF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
021dc856412f5a7b910ef0137fb3261caf88fb2689ee62b23842aff63204c133

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|47|4|195|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1666
Expires
Tue, 31 Aug 2021 02:57:48 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Connection
keep-alive
Set-Cookie
CMID=YS2aqZW4.eyrdVARZEnt.gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 02:57:48 GMT CMST=YS2arGEtmqwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 02:57:48 GMT CMRUM3=c3612d9aac05a00&2f612d9aac05a0&08612d9aac05a00&f1612d9aac05a0&2d612d9aac05a0&27612d9aac0b40&04612d9aac05a0&e6612d9aac2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 02:57:48 GMT
async_usersync
ib.adnxs.com/ Frame 080F 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c9948d23-e145-4fce-a66d-0ce1486641f2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E8F9 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:46 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
01157e53-c323-4017-9f3b-7906c923c33e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 598E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:57:45 GMT
expires
Wed, 31 Aug 2022 02:57:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 204E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:57:45 GMT
expires
Wed, 31 Aug 2022 02:57:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C101 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 02:57:45 GMT
expires
Wed, 31 Aug 2022 02:57:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
617.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/617.json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.200 , France, ASN16276 (OVH, FR),
Reverse DNS
p11.id5-sync.com
Software
/
Resource Hash
2c79f136100e03e374abca6bf96bc12d475dd26b8fa5ba73503ed84b2afbbc27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 02:57:46 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		77 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cd744f73b46242eef6859bc8dd539ad558f38d87d2dd695e22815f4b4b3fa847

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache
x-server
10.45.4.108
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		108 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
b9537dcc795dc796d08d19db5335b17122817000e4ec7cc463f944a59176ec3b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 30 Sep 2021 02:57:46 GMT
d
dc.sanook.com/sanookStat/userActBinary/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dc.sanook.com/sanookStat/userActBinary/d?v=1&_v=j41&a=1595731818&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanook.com%2F&ul=en-us&de=UTF-8&dt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cd4=0&cd22=firstpage&cd23=indexpage&_gid=undefined&_u=AAAAAEABC~&cid=undefined&tid=DC-8147095-6&z=28514868
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.151.130.71 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
71.130.151.203.sta.inet.co.th
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 31 Aug 2021 02:57:48 GMT
X-Powered-By
ARR/3.0
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste0omaaYhq1hJzQD4eGyKFuCcfmfl3AyDskYCG4QjSWMkoZITRXIGX00I28ZBiOiYvA5qN2r0pzbWbJykv_nkAs4uyLYNp5LZRPkrJX19uNRc_fGcfODogtPFrPsb2ydzm0ce-mlrgTbsB3A464Di8xJUovbQsTkJeBEG24qO6GNYOQC5zVwD9j85Cx-_N4_wQIWuU0TcW7kTui9UjI1AWyUJZ0mOyDJM3UB3nCOcEejcH269y-67Dtr_Nk5hSRD_nZ8zkf27yH55jygfXkSYPzDdulgIq7gMF07h6o-QacHyEZcE3df0ZKjiBhiY7&sig=Cg0ArKJSzALxmUod6f70EAE&urlfix=1&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:57:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 2758 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 14:28:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2758 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame DCE1 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 036E 		478 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnYJtG-aXXEuguX2IsBDxSrmApQdgwzo5k-Y47yqLji5Yfr4OSQ4D3SHDtBWp0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 31 Aug 2021 02:57:46 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 598E 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxYl8TNLW1u7hlasiLrquHjAEON0eIKaEXRf5ZmLkOVmsYNn-MxVCjMAyMJlauvt34dWR_GTR6UXmEJ_KM6bK5neR29rx2zdiYFIEG_kKVt0ffa_hFIdrvcClZLWOISSCstqiguM3vooF57JEheV1FOTsL5Q&dbm_d=AKAmf-BTV5GHXxcL_MyqTDrJeiQa3KfYdrtREyy-mF6zYsikrxEnuvCimIlYiqFk7nydwirTMZhSH0VzoPuqrR_1MYxCVzElP1Xa5ySVoKFE3zot4Hzrxpzu3cVr1lHdYCP8kdJpq-MRk98hyP7mF73ndX8AGNev-dPTY3k6w-q-88xSwtZ6q2hS_u0Ub-qdswDN3XxXnnn1Jp7rhlqRtZ_rS1CxH6qVleq-i42dsEJizlVakf_DOTKVGWoLShyMSK5M9_yY1tDFbzelOwlsh_J_kltWyh74ZfKIhzVhjobces_wm1368Rkxf8axU9CIz03VZgB047tpmCiHgRWfBIW4k0nhnXX8sFQxw6AiN6E8_B4bTw6IbXPi0v2fHV6av_0iEpBXOVmr3d3XAHYH7vHV8vpdAXFIYxFLnB3nSDbKMraqxCf1x6Xjcxtypckn6pUKvjMXa7ziZMwvdxRcE5vjLQm2gsPrzzghm-k5xos3NPPOBJm20huqgJh8Tw5no71nRgE0vbQrcvhn1pG7F3VeMLvGbgibZeEqg4irUCZaHcm9rHy5-O9FP84BqEV8OrHlmbxqJvQ-7omlSWby4yTWeT1luIzNe8s2gF4SuNxB1850LKtpBonPeWEazvoDjkeuDQKKVrG7N9f6mD86-RQ0C0D51XDoyuQTU7eSjrB1fDuO_tDS4t1dmfsWiZGtLoK2pwxKqBhwfB_VmgmjmrGwPf3L7uCJ_Mmh__RGLdIVUxJajoLql1A0mnbveT_H3xcBKZtGryZz8FT10jvEYKvTEbgRBmlmIj6S5iiw7R0HJHOmwfcSWySI0yHi6n-GkXrlNG8GK1i-AYiCvn9fqWhQIpSBJemBGdrc7GfIi2qgqU73Q7EU_14qbak7akArZniZEmlQtqNQm9lL9Ad2-izPPi_CHkLqXCJqRvCn2mmGbegx65wzehq1-iBN8Xfd16CLnY859NTSqYQD_ej-oj58tD8erLAD294urujUTjZkBo1PzcQvGou_ng97ladwm5Eh8JL7hoie3lSxYq3j3NHr3A1Oc5QboSflc70gYoCHu04XWgzcK--N5sFePtGq6vxr029-XkEaLJ1h70ZXDOISQikf3SL2UpphoIcFTj22_xRxL60uPn5Po0lMJAiLtaX3og_5CUEL0ObtfK214eTfSyoRfRL4Jy_BTLpsc1WSWRVvTCs9Rh_zTkxtNu43QIQYl2wjMhNdoe4obhIVyW-NJNdn3Tp5sdqFzjRcLgOKcE_L2PNotZaqyC57pmi3HJ9ItX_Pojd5i26CE3lUjW7We2GI7aflg0h72ifbxC76tmaVKhROaxSbDyku3n-8d33Izq9LojPeIjcnmcy3a4GXz5jj3ST2aDMurIWWmbbUndXGMKYBUrdcMLoiuSqpMXBKy-Kz3Gyq5x3utLlfy7b-zSnbIHDs1d5jYTVsOCiCt-1u0HYK6qPyE2pBauhyab8so-qLv7Z2furBPoSVGjz6zfQ-D0AS9z9xFfDQ1rUEeIElYD8pjU2nYPsoBXLoc7Jb9W6oH1N6EOHToIR2Ofc4dW0uGjH_hx1wS52itDcaeReCX7BXhzPi0MQ4GpWK_8olvbi-OyEsz81nOE7eHjm2iVQthkUWXBGNBTiN3jnZtnbCgYKm0uWUpHnJIvTIUxgCncGneSzezUT12sZ1RyDX520li1X7TD09fy9sUPRGQQvc7kHZVChA7-VdRRL7thDoRCM-mXaKjYDP2Dq5ezxObJ_9DRrAidMioYveAZsBWNfOYpqDK6ScmIK7YR9qPu_j8HDjpcpaBMtuE0NrKHwq2qkH9VBXoX4Rr7AsL98HtHgb5PYriY74hQCGd6T5sJPtMncSzViiGNjjo8oDjhvMqaPYQnL-FZck_t8uJXOkhcr5Tlogwjhh1ULPtMpV1ldfN2HAANq4T5vkSA7nSrHrt9DVGGXG6NDgGA2InczcQ5RFeTz57Cue_VR3ynadwjvTH5xmdyFksxAKe-gyIyE0Nk68Mh0pW6qAgKCqVGrMK6Iu4p9De-IGlTuUIs-qL3Qcw1mucAQx6AtAATvt4v6szhJp541xU2Yf-pLzWuElx3gpHDylBLILli14JD5wPRB_DO7UvtkjmU2R7HYDLlMRHZKc0x4h3Yi_SdFZ9OMBaRlsv5RozIDFtq5w5U1w53Ds4S94M2K6I9Cx89YfbAYVuCGXUINdgEehVDw9rqK_q-fWy5VeZMLl15dVlun-167-E_2_NkJYFjanbLJSG8Quq2Oub48lqRcKLTFwc14TWn1D5R5rwlJ8e3LbYhdQt565rEXN5HBFhnRzcSvIWYxCA6OWO_GwdSHqOwD3yY2oT9-TFwd9iAy8oixSbAhM8S22MDn_dH3cVaYAD_a2k5t21jPWvepKvU4T0ZuRmjMp-TC_TIf3EGQ80jv88WSg1zoUckO6XGGNKUZIet9EXKjBpskZtevgnA6dzl8wW5hFfu1YC6Ywu7cc4PjWY53CDmLlEGSRbB0wOdn30JDXv7x3_XILZe2P6W0VeF1BVjC3A8Ki17P6LQusbg8PG4yd8Lum8x5PNbiJTu7-8Qgk_z-hs8v6xQZxwDgprGUoxagVPHR2fta_XGAC5zODHSoHb57ZIeUStRCFPkQig0MWhrRCdbOcWiWYYkqOxXBCxlr9aciGwsqoXZ9Lpr-_Rs4p7bjKfi84TYXuWe9Gc3kNe9vopT8cyUI8C3i0T5SW_QW808QkKZ82FtpwjTtatKu0WCyoZIcXKc_2nfbt3IFinAlMD1wWUL2GVIRmRvH3z_c6Jo61d9FEIGtuWkfowTQ4-ktuPKVmLY6t86-SgeHUuaum59Nh5qJCCUGAzeli-p8gIBp4Ap5xpzeeOwEJZQWHeyt9IghigAWv6Lm_mksVKuwfOo5nJ4NA0mFSMU9BcB0m4nS4g5xNlCV8Bqu45uxqSJWtY4Zvct2Kb70NAd3hJ4fhf1DwqdsNRw&cid=CAASEuRo5UlGrQq2jzjXImu1ihLzfg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92c943740882d5358be2d836a205ffcf75b8886b0e17fd33356be6d5712d9f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 598E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChEkSia1G_rXgiUGUIPmfU8EnQm8kUPWs4ggmlToYl1xyek8Icqnx3ZHE5u9NOF8XwF-DnbSdkzThMfTrjHADmSTnsJsANzmYFOdQR4qBA1jXPpXE
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 598E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:17:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 598E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 598E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:53:19 GMT
l
www.google.com/ads/measurement/ Frame 598E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbuUQVQbXx_3u39pZ3xMwAD2rmBt7w1T6Tg46iwySJ-pSquPHye2G_JukgyJSAZzuQ4cVXVaTqLoT8iJROr-d9ZWT7uw
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4C42 		478 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkNXIALYmat58-Jsz8GVGtoI5mjHNHmgsMAEQ-dFv6OnrzLRB2BD3mSplFMw8w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 31 Aug 2021 02:57:46 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 204E 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsHmCLm2o1xAU8KJ7ZMIxv4po4UYeGqtcmKqSrnmUExnZG6MMo6_bldMuDAe1WscAjzYwqTUrniFNJn0NGrMvvcvzMSl_YfDxAkH9UfGaAAQwCrIT10FwO95U5ipvt63ku89w-0mE4RFuiDjk_sVr6ywU9WQ&dbm_d=AKAmf-CVV4esjO2yVhhQWYoC81qX1Kik6Zac10PSe11T-z3fB5NNktKoo-z6jjgbONmpicAkA3423AF0Oo-E6OEZrI3rao7ExLGsmY04JMKx19qE9d-0VSvqZZmdVZV9EMec56TVhm6Iyp7C0_KP7ruduX9-r99w0hI-znP1Za2hRpgzucp4EWKAkCNQLI3vrtwSSs01WcAZKT10CMDDiNp2IYoK2NNh1aahPmMHhusvDb6ggM1wUYk5HTlmtBZxWXOEaP2GzhtKRXRSt6fkHcdd58noajTHH33ST0bM7q0iNaBB3AhXgxI58jNyF8FPIl0iMU80EmRHRsqiZG-x1Bs-pvWrZkqF37oRjbUadfvahw6v1q5FOpbBCi8CSWbvZgTJPehLx0xnLZnK-smCtxoCvw-3zs6CD0_5-xlgDDDvMVxpx1O_V3dbhFT6T5Pk4VKIC1RY-bGi0J2OaVxsQa1LIqomAfCuL10_mr7JJ-mYU0x2QL4WS7vAVMT2d3SeJcSXCSoJsVA2em_ATVkCMxfJQ_hFntihqpTzxDXrzXfWCY4_qw49T6nOEOn4Tv8o3BwoHPPJlIyG7zOVc_31pTEs_wjBoJ4eL0ABLIiiMsdx13E2HimpT3fi6dktbV_rixqzs1wAtD6McLsULaDWgDrKAwIDhai-YtSUKorg4_DzoI69WZS7uXqJEMIkvgr_Ecq_btcerj55JO_TbL0MlWD4TubeSabDaw7OZ6JdZeG_wVZm2zHdukJqonCj1_INTpQE84RkdjWqKpNtC4ECzBhw0kzodRLEgNkbe1GAF-p6NQSBt7CiYtpa4gLD5mWYdf3G8BSP0utbMU76K96M5aGJ4pvuQ0w8TGwEFx8D1eCVZp1TuTx8DXpua3H3O870cCvzFg4dPHIBujTI6mlx_Jew7sa7yAdDKP8xv2uv7zs7VKN75aUfvPC6btFdvL6rYCd6EH9MUHjJ_KLpRnOwlSrLt4JlXpbO7SyKOSEmVOOLpt5UwDpDJECnn47iXCxAqHEdEQ9WWpM5Q9XuyY4rTFeU5ko3Nm0iVrTJgLrfEYUSOZgCdUv5QzHPuyn1Yr2G-v-h2QLigTjOpLuVIH_naeO5wGWE6-yXZcB0biBONc-460-xhFFuHcKNkimoe1FGgZ7JN7gTmM9Pb04BoSOObtFGg5axpXpGA5VV2W4CRy83nR3g0FAYy3uDMPDCFPp61U3tPf2Y8ygxSExD4V9LA67dq5nQcgkbXYFUJ7CgFrCqcmc-zm2aILTQiUrengX-WLGZXjcUnl6Aql45KrY1zwIiKeJ-7AvdhP2ywrxPcaNnhIASk-jHy8zBqDJrxsIE847_kcR1U5qY9qIbJUbbJgmCZAKDE-9rkC5yHiImU0t9HrCgUHKRshLtBDuJBl6iRB0EZtIFi6J4kMqw5izqksNutXNRkbylCXC8CepEwu4jrCIgFmn2q50yEGfftdbgbBaZHgLK1Vhbf9HD4abl4P7v1JuFP78Jy_WkOEX9EJF3ivorTy9dDvAGKodz_9SneFD5hZ6OFnPm7Vd0gJS5K-Nbdy8mDvhdqYwjKhE9CHieJYcS_fPkdVSO4hAnXlUcH70Bo4MddlXB7wsVaFkO6uji9Y_zyOjjknkuKPxL0ReZWpt5DKLmZWwO9rS__lXEBjYrg9kFxj-9TsPxTCH16VWPyHJXhbpXiNNhpguYcMGftfZylpzFNtRCz5igzOtWLwD6VYkKvBF6DySVuduErFbO7tuFMtQF4dTbknu2eTgev6-Y9ZuGedCxISxl0Xvf1W3eHc40jfr1TxhpLn9eI3LcBQzuEkFRuDG1m5izyZUajwvvQ4c1onHZ65gibxY3u5xwFBJVluzpp42Ii7pD5hgtI8V9h3BGfugAzmsZo41JE7-y6Br17sbzruFr4Sp5t1xpQwTIullUCvxUg7ZUg1bnReKV5gYZA6GiKjMOLux70FK6wwUGoHrgp4i04dZiCh3A3RFATEsM_mqzE2fSGFhF6CyVbSPEWBUThNBEIGTGN3ES6hBGDYwP5zP1fYwuIthEyJUSWLPL9LEUvycg7UBTc7UIt8ejjvmT-_R672KIbTk8oOmJbepqRimAM7Fgte6jTjn1hxX1oanBHlMWVNlH4WhIsTlffV0De1wYju-4G0oEKlqGLAqh4qNJuFsiz_DaDTw7CFh6RmwSKpJoT7KLuVnbAHMY8Xyq2VO_fWvbHtYzrlZ8dP1c9smN0xflMywhEkDYO980Zk9rNnxDgGT3PMxkDzlDxyjwsANw3i4wHTnIcwDnqzCcVdkdiBUtqlb2m_jfs6b4jRlZK4WtRrSD1Rm12gDWNzkLKN_Iq710obA5uvMecO4jw7Hv3WljjtsBnUvo0kKTRYzTTSagtbOwAYFJX1IhmoN_QBU3ETCV3X4sGmP05I1TTlSvhFzYh2SFG1Z6IIYq5RmyR7xr4WfOgR_lJGSPFAfJQ5XLouiWw6dr9ckCfzoX2o8_qGFxht5LgWvm5SdBHq666Vae40QHVbyaaDgtiZ8BAvyogikJXgD3XDUPSfNGM7CTwVSYpicx6cLU_frqwvPAn3Y1rDMi7I5L0xSmLbAvpx_rv-51RwPKVupz11r14x7OuV4LwuJXr0svwjG1OZeMrjYskKDF0Vp5I1zSCoWO7TaJv0W6NDHHyAS72UTaUmLQeicYLfZr7F26TtX4MjB5esmix0rwkqxiSRSaY6J_is5LNXKyWvukQobiGVr9wCdRtotOyBQGGU5QcmKiVi5qcO3XC3buVL4bit815QK_ekk1HW-xKhwIV3UPHiFZrU1jr5UKDYM-VkgqLfqUVU-kKTjc7aQvszMewM-kQq8X4Nwa6eCiOb0kRmuiLVPmcrm3UvSShcESY_tx_MUkpAR4nyAjYgslifoaGO3digiFMcAe4toCzWn5RYvqKr3iPSRICW1s5ZRSDdVxO04Z2Ib_5yeCkC_hRM2ZeockWQ&cid=CAASEuRof4syNAhPSMj9TAlPg5L84Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db65126c2d025ea469b1b0a7a0c9da110181ff127649a4894ec35a37338ff3db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28265
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 204E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgQCdT-iz0CDp7_J9T5ndt7yVP-yMGrV8z2XG1p8FCT60r5c0Bzqy-e6yWlsTTOwaOWGl_Fo-B5n1yvgmD7B8FkkPZlZHh2QoENRlgk2H9zvV9zzA
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 204E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:17:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 204E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 204E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:53:19 GMT
l
www.google.com/ads/measurement/ Frame 204E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3eEbvfK4Dc7wl1NWXJp6ySlMqn59RgXs0QpOxPJEb8_o6T1eZCXLR0P12xBJz5BDFHav4KeeNzH4vUe4HkasSXoC8TQ
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4A56 		611 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkNXIALYmat58-Jsz8GVGtoI5mjHNHmgsMAEQ-dFv6OnrzLRB2BD3mSplFMw8w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 31 Aug 2021 02:57:46 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C101 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrpLECM9Lu-c9fIR896sXaukdh7XtcuREoa0eU6McyJQFyXY9MA0mWxuIo-GT2CHqfd98mHj0cD9ykuxh6FKyaKmrHPJ9RKrpjSN_mqL9kM-DR5iXVQj4kNvGOo6AGO5b5udPOux7ZGDK-xqjQFXf9ehkcNg&dbm_d=AKAmf-Ctuc4SQt8fniiDip1Sw7mKhyMs8QTqZuB41_g9woFLA1UoRN1zek6Msx5URvkj3hnYC5CxjYuzM5KEPwadbtyffZpGGITyOuwde3_mpUZVIbzjVQwuOddkThFoO4pENVZzudKZTrirPJEc4Rwlv4LYZNdno95rKZSydk1Lj8hIp3HGIoU9WrRcaP_pcl28QU3PMEZ12WTv9zzi8Mj-fwiLJgROH6skMU2NKJZPbcxMpOxliVLpkQxj9bWoexwShDPLFmA3-UdDBERrhUD-zcwHjg7zfv_0bmqYNKhSHrld6UiilBLlmPuHsoluOZxST8xTrqI6vSsw3k-RGc5GkfhyrVcuHZhqIDIsRylo5sF7IFc0T7pUPcPkEFNc4ktovMQogkeLFoEi1nXWgOoVY9HuwpCJyg7B_RH715l9UUL8H_woTNXvJpKMZKQNR-yjSaKjkQUMHmS1lhSCeLgMFFak644hhH09XU-ObQN5i0DOhm_ktVWu1jQVT0a8aqWynWGgHiWT-URo3HRmV8krP31OOvK-htI1sI077qtKLsV_XnQfhk5zcJtb-2PGgk5zuHvsiFPGQwMoxZz8-Yy-0Q0IhHQLx7kpyN4lAGtagrii9lFx1I8aXhU1-PgcDEYb4ZJDUJ2qwG0uMk0JgztsJMDTxMA0IZzcTzyzXfDkfHNbG5Z3bmnCXkH2fG0rjhoR5U2WBe-OK4xrT4P-evvAOWHd7FjSIuXhqZtc7GdWJbisEUC38iv66TYIX_-M54K1BLWysuFBmB9vIc7S6Gtt7F9f6Ix7czAkWkS1YS-PeuigrSiSlZRdl7ffQ2rnQV_g0eRK33rWf37Xs_ToYP8axvDI7FFdkXtKgOlacxzqsV2PJBoTskAEx-GtKhbhM2S5bZx44g7MWNyDSB2YMKu1cg-9mnYGFBL8vg-Pejb1OLLkR95HQ0enIiQN9hBxRaWMDmj8ned-FY24SDdWDuKcTINTZOE86gS7mTl9FFI95qyIrOatxthF8546fG5E4f5etqb3amoLBW9o0_LdpeEkdM3axK3qV4uNhTkOpKoPoQlYxmOvSXZSJ7Zj4DwwseLJqTwPb2RAb_W6HlcXlucHwMRppqAcgOywL-DsD6njII77SugF3Lt1KfKuEfpQCV68J9sJhjjSQDnD_-mZVdzvhSPb5c06hf0ZpJrVqgyi-aLugKEqoIFXTxFp4H8hjTYvEaIF-Rrupi2sK9uNGACncuQXOnXLyqMfQwJiTijtGZ4bScIte_tk2R3LgnnvLOxfMQA4CNXeZPLIbDwSq_QaTLTKm574gh0Gzo0KY4TsTothySRmUZHNls2PbSWcUzKfxinSllgIzI4szenx0H5VEtVkFUgKiCte_tEn9yawJeUlchWYgE4jz7k5pkNiFoh8QgjmLZMc84lMTeV_fCHIHtbx4jni4wBFJXU0g8eFIL7siZiwJYo5kT1Twexby52w8YKa9VFk9rXaiQNxCffTAW4QtlnpPZljlRaxWSb9GtSAZ0nuzhIwjvaK1lVtwJxQBuOscFzMtMYGo8VKcFXXLnD5ceoBtYdHASPIVwMGsAFQJ4l3lAM6S_xPFCWePPVZHHFHWTpQC6uywe7q5B8tkjslGzRferH7Ta8_vw45wnBZp7GZT0uA6kVYv4bYwgBfyD_OukKDf2BYgrGyfYtDorAIE8eBYPPJLLJ51eV6_bd7aaVVTdUOYp-lirYXqLTD5TjO-ZUvsFugTonerCAGItwhlRGhxy7Lk2tCr6hjLFxd5iXssfpurXalMF7CVnMOsLdRCmV27Z7QdPWCm9uDNSnrhPXCPdWgMrVJ3AupILUGHdCE-Gtmja3F-FFDfiYKAh3jL7kedoiZv7C-yyorECnq-gT3QhJGu3eYTWucc48wdvlD4P3kobU3wBX99tIr5pOfOr21u4AX1RzaV5BggJNoDMWozoJXfxWSErxdEB9lYpkfMEcEnNHFB0GHmpg6Vf6JWt4aeKie6a_A-rODgNz_W3wNS5FPOVYS4JhO_XviOkrJFWtMK6L-qkBnp99wBw6blPHHSJvxQkQPojF6-Ut8Mpe5ZJYv5DSIU1nB0pfD-sQWy9BIn0IKZtiSIIb1_hiYdM11ji_4NYZs1TKv-uBnYeAQ5kOUg3utUov10WgExzlP4S0YR6ekebH-Ixzy9PEw3YLnwmYK6TB8ZQlSpCEz3GzhUnOamjvg4W8Z4jcORzRtLJAJYkJNMoJKRT-ji0wT4FxjlQ87Di_dj4ExuZDDXLspQqS2lb-v2BOmnXYGm9OSCJUrHHt_vZ7gaHnhm15zsI55s-iK5z5Y3hADciehp1EtHVLGPH_8Sh5hdx-K72P9BaWpF43fZLixj2QK8EpYzt9LslgYcJpWHvJk34ZfMAwcI63-RYqGIcae36Rrx3PH1QC_OdaBE07Vo95ldBwp4sJBPM0VWzZycgSLTW8OWvlJAEMDdNgrxhDZ8WhYyrM2vY6ZQsP_dg7oDAx_GM1yJfTbm0GDwQXAIhXjZuzR0pxMSfo0fxFlbtN0Foz5NxnjWtNP-NxJrBFFoeoJ2cpCgHC_3HgR80PIPquiWvHJ3hWooMBTbTB6qe0a4Mdz_fDZpl-_jSghoEDKZtWOZwrUw0awkuy_J9KLT8zPlCwJixtC_8ykmUjF0auM3v6CdzP7w3vUYa-Zi-9cGQ_DeaQP-a2-XXzK4Lve8Z9sRFpcYY6knt1CoiyBdf0TqrzwFnpQyuHD2hyDV9Uzp71AYXGRSEqvU7kz0-LR44hlpeDutY7OcKCoVzuMTOxt6VQOYBoMh3Rl7iREt7sujXclXLZP0aWROmUGqBI7oSYQVIbaiAL7Dtaw9sFOULNG_lnX_xvMlxgSRrm4X-QexfxcBL8mwJVkxB5MiepGK961UFDzKXyCLE_iZddH25J46hAw1eDgOuMze2McE789jk7vhird_6BnmKGBlGMLqe4E9MncPjyS8w&cid=CAASEuRoF5jDCfzhcMF64rUdzwvv-Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c566d610177d2a237a3dabd1e256faa9e141b816a37ede338d2328a680757ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C101 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CesOcd0w_K3-FNXeAi41YTIhkk10WMIzEUgZc1zwKV87S2bD-Ue3Ky8UwCCli1Vndu_cnTmlEPeBaz4tTGb8345cdHfisaerXjX-RYzS38daVdzgw
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame C101 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2405
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:17:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C101 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame C101 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:53:19 GMT
l
www.google.com/ads/measurement/ Frame C101 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSmMf8-ZdWzk5YQ6iR588AwD98N5jc-t_x1XpQctZEX4jUvxhGPUMkvZoD3xrJrFwO-LD1rKB3Ht7KynRvW8_NGXokRA
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
/
avd.innity.com/dc/ 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/dc/?cl=225&cuid=7668287e9493357912f0d2816b82f18e&cb=1630378666857&douid=&sess=136891830.225.1630378666852&dur=0&ref=https%3A%2F%2Fwww.sanook.com%2F&srf=&pk=&pt=sanook.com%20%E0%B8%A3%E0%B8%A7%E0%B8%A1%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%20%E0%B8%94%E0%B8%B9%E0%B8%94%E0%B8%A7%E0%B8%87%20%E0%B8%AB%E0%B8%A7%E0%B8%A2%20%E0%B8%9C%E0%B8%A5%E0%B8%9A%E0%B8%AD%E0%B8%A5%20%E0%B9%80%E0%B8%9E%E0%B8%A5%E0%B8%87%20Joox%20%E0%B9%80%E0%B8%81%E0%B8%A1&sr=1600x1200&ul=en-US&de=UTF-8&vp=1600x1200
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Last-Modified
Tue, 31 Aug 2021 02:57:49 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
/
avd.innity.com/sync/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Favd.innity.com%2Fsync%2F%3Fpartner%3Dappnexus%26token%3D%24UID%26type%3Dcookie%26itmcb%3D1630378666857
  • https://avd.innity.com/sync/?partner=appnexus&token=4906231371083910880&type=cookie&itmcb=1630378666857
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=appnexus&token=4906231371083910880&type=cookie&itmcb=1630378666857
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:54 GMT
Last-Modified
Tue, 31 Aug 2021 02:57:54 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cd3a7d03-1d61-4c76-a7a6-f1bdc3bca06e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://avd.innity.com/sync/?partner=appnexus&token=4906231371083910880&type=cookie&itmcb=1630378666857
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
avd.innity.com/sync/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avd.innity.com/sync/?partner=innity&token=7668287e9493357912f0d2816b82f18e&type=cookie&itmcb=1630378666857
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.216.16 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
10.d8.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:54 GMT
Last-Modified
Tue, 31 Aug 2021 02:57:54 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/gif
Content-Length
43
Expires
Wed, 04 Aug 1985 12:59:00 GMT
abuse.js
st.yengo.com/yengo/js/ Frame A227 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.yengo.com/yengo/js/abuse.js?t=0.48361799611004397
Requested by
Host: code.nytive.com
URL: https://code.nytive.com/data/173345.js?async=1&div=DIV_NTV_173345_686&t=0.5243642164258158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.106.253.167 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx /
Resource Hash
6b4bba15892a49e00bdfa9197ad03c766040c5d6545da3511b405015a4184f2b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:48 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 26 Apr 2021 10:38:12 GMT
server
nginx
etag
W/"60869814-485a"
allow
GET, POST, HEAD, OPTIONS
content-type
application/javascript; charset=utf-8
cache-control
max-age=1209600
expires
Tue, 14 Sep 2021 02:57:48 GMT
pixel
cm.g.doubleclick.net/ Frame 036E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 036E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 31 Aug 2021 02:57:47 GMT
rum
dsum-sec.casalemedia.com/ Frame 036E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS2aqxPKzNt4XtY-WrqH5wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYyZKKrgEwAQ&v=APEucNVd8BL6XHI6WYFxz01wxbHxq21ieoNvj5wSjcxfIs1q7aQDBdSOWu1F0yZnCjEEr__c9kJEE4jTs7ayBG9DJI4hKZdh5w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C42 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 31 Aug 2021 02:57:47 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C42
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS2aqxPKzNt4XtY-WrqH6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYrKSKrgEwAQ&v=APEucNXFBVl8IeImmnIFCLLBGvRgVX7jY01YDXmYDrzbjCwodS0srXqyqpU5pdDdmMAMlPsCwiqAMnoLpDdQELeCjcmKxK5oGw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4A56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPB4OAyjFmeUUnZlk-3xGWY&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPB4OAyjFmeUUnZlk-3xGWY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4056f685-e7f4-404f-8035-284ce92ab4e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPB4OAyjFmeUUnZlk-3xGWY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A56
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNjIzMTM3MTA4MzkxMDg4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNjIzMTM3MTA4MzkxMDg4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a3657c63-57a5-4b62-aaf4-b3612ff95b35
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNjIzMTM3MTA4MzkxMDg4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqf59H9AvDAlbb9T2Ycobo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqf59H9AvDAlbb9T2Ycobo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqf59H9AvDAlbb9T2Ycobo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A56
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDczM2Y2NjMtMzNlZC0yMGE2LWZhNzMtOWUzZWU1YzVlM2Ji
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDczM2Y2NjMtMzNlZC0yMGE2LWZhNzMtOWUzZWU1YzVlM2Ji
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQt6j7zAIYq6SKrgEwAQ&v=APEucNV8UA19XlTucqWjR1p5BmJuOL1NIP2rTeEouV_5d-XA7Xxh-Y_HQOWFbUKa4Z1ceaSlXQE2nfrGP2tHegwScKvguWE5LQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDczM2Y2NjMtMzNlZC0yMGE2LWZhNzMtOWUzZWU1YzVlM2Ji
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
via
1.1 google
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 598E 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 12:38:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame 598E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxYl8TNLW1u7hlasiLrquHjAEON0eIKaEXRf5ZmLkOVmsYNn-MxVCjMAyMJlauvt34dWR_GTR6UXmEJ_KM6bK5neR29rx2zdiYFIEG_kKVt0ffa_hFIdrvcClZLWOISSCstqiguM3vooF57JEheV1FOTsL5Q&dbm_d=AKAmf-BTV5GHXxcL_MyqTDrJeiQa3KfYdrtREyy-mF6zYsikrxEnuvCimIlYiqFk7nydwirTMZhSH0VzoPuqrR_1MYxCVzElP1Xa5ySVoKFE3zot4Hzrxpzu3cVr1lHdYCP8kdJpq-MRk98hyP7mF73ndX8AGNev-dPTY3k6w-q-88xSwtZ6q2hS_u0Ub-qdswDN3XxXnnn1Jp7rhlqRtZ_rS1CxH6qVleq-i42dsEJizlVakf_DOTKVGWoLShyMSK5M9_yY1tDFbzelOwlsh_J_kltWyh74ZfKIhzVhjobces_wm1368Rkxf8axU9CIz03VZgB047tpmCiHgRWfBIW4k0nhnXX8sFQxw6AiN6E8_B4bTw6IbXPi0v2fHV6av_0iEpBXOVmr3d3XAHYH7vHV8vpdAXFIYxFLnB3nSDbKMraqxCf1x6Xjcxtypckn6pUKvjMXa7ziZMwvdxRcE5vjLQm2gsPrzzghm-k5xos3NPPOBJm20huqgJh8Tw5no71nRgE0vbQrcvhn1pG7F3VeMLvGbgibZeEqg4irUCZaHcm9rHy5-O9FP84BqEV8OrHlmbxqJvQ-7omlSWby4yTWeT1luIzNe8s2gF4SuNxB1850LKtpBonPeWEazvoDjkeuDQKKVrG7N9f6mD86-RQ0C0D51XDoyuQTU7eSjrB1fDuO_tDS4t1dmfsWiZGtLoK2pwxKqBhwfB_VmgmjmrGwPf3L7uCJ_Mmh__RGLdIVUxJajoLql1A0mnbveT_H3xcBKZtGryZz8FT10jvEYKvTEbgRBmlmIj6S5iiw7R0HJHOmwfcSWySI0yHi6n-GkXrlNG8GK1i-AYiCvn9fqWhQIpSBJemBGdrc7GfIi2qgqU73Q7EU_14qbak7akArZniZEmlQtqNQm9lL9Ad2-izPPi_CHkLqXCJqRvCn2mmGbegx65wzehq1-iBN8Xfd16CLnY859NTSqYQD_ej-oj58tD8erLAD294urujUTjZkBo1PzcQvGou_ng97ladwm5Eh8JL7hoie3lSxYq3j3NHr3A1Oc5QboSflc70gYoCHu04XWgzcK--N5sFePtGq6vxr029-XkEaLJ1h70ZXDOISQikf3SL2UpphoIcFTj22_xRxL60uPn5Po0lMJAiLtaX3og_5CUEL0ObtfK214eTfSyoRfRL4Jy_BTLpsc1WSWRVvTCs9Rh_zTkxtNu43QIQYl2wjMhNdoe4obhIVyW-NJNdn3Tp5sdqFzjRcLgOKcE_L2PNotZaqyC57pmi3HJ9ItX_Pojd5i26CE3lUjW7We2GI7aflg0h72ifbxC76tmaVKhROaxSbDyku3n-8d33Izq9LojPeIjcnmcy3a4GXz5jj3ST2aDMurIWWmbbUndXGMKYBUrdcMLoiuSqpMXBKy-Kz3Gyq5x3utLlfy7b-zSnbIHDs1d5jYTVsOCiCt-1u0HYK6qPyE2pBauhyab8so-qLv7Z2furBPoSVGjz6zfQ-D0AS9z9xFfDQ1rUEeIElYD8pjU2nYPsoBXLoc7Jb9W6oH1N6EOHToIR2Ofc4dW0uGjH_hx1wS52itDcaeReCX7BXhzPi0MQ4GpWK_8olvbi-OyEsz81nOE7eHjm2iVQthkUWXBGNBTiN3jnZtnbCgYKm0uWUpHnJIvTIUxgCncGneSzezUT12sZ1RyDX520li1X7TD09fy9sUPRGQQvc7kHZVChA7-VdRRL7thDoRCM-mXaKjYDP2Dq5ezxObJ_9DRrAidMioYveAZsBWNfOYpqDK6ScmIK7YR9qPu_j8HDjpcpaBMtuE0NrKHwq2qkH9VBXoX4Rr7AsL98HtHgb5PYriY74hQCGd6T5sJPtMncSzViiGNjjo8oDjhvMqaPYQnL-FZck_t8uJXOkhcr5Tlogwjhh1ULPtMpV1ldfN2HAANq4T5vkSA7nSrHrt9DVGGXG6NDgGA2InczcQ5RFeTz57Cue_VR3ynadwjvTH5xmdyFksxAKe-gyIyE0Nk68Mh0pW6qAgKCqVGrMK6Iu4p9De-IGlTuUIs-qL3Qcw1mucAQx6AtAATvt4v6szhJp541xU2Yf-pLzWuElx3gpHDylBLILli14JD5wPRB_DO7UvtkjmU2R7HYDLlMRHZKc0x4h3Yi_SdFZ9OMBaRlsv5RozIDFtq5w5U1w53Ds4S94M2K6I9Cx89YfbAYVuCGXUINdgEehVDw9rqK_q-fWy5VeZMLl15dVlun-167-E_2_NkJYFjanbLJSG8Quq2Oub48lqRcKLTFwc14TWn1D5R5rwlJ8e3LbYhdQt565rEXN5HBFhnRzcSvIWYxCA6OWO_GwdSHqOwD3yY2oT9-TFwd9iAy8oixSbAhM8S22MDn_dH3cVaYAD_a2k5t21jPWvepKvU4T0ZuRmjMp-TC_TIf3EGQ80jv88WSg1zoUckO6XGGNKUZIet9EXKjBpskZtevgnA6dzl8wW5hFfu1YC6Ywu7cc4PjWY53CDmLlEGSRbB0wOdn30JDXv7x3_XILZe2P6W0VeF1BVjC3A8Ki17P6LQusbg8PG4yd8Lum8x5PNbiJTu7-8Qgk_z-hs8v6xQZxwDgprGUoxagVPHR2fta_XGAC5zODHSoHb57ZIeUStRCFPkQig0MWhrRCdbOcWiWYYkqOxXBCxlr9aciGwsqoXZ9Lpr-_Rs4p7bjKfi84TYXuWe9Gc3kNe9vopT8cyUI8C3i0T5SW_QW808QkKZ82FtpwjTtatKu0WCyoZIcXKc_2nfbt3IFinAlMD1wWUL2GVIRmRvH3z_c6Jo61d9FEIGtuWkfowTQ4-ktuPKVmLY6t86-SgeHUuaum59Nh5qJCCUGAzeli-p8gIBp4Ap5xpzeeOwEJZQWHeyt9IghigAWv6Lm_mksVKuwfOo5nJ4NA0mFSMU9BcB0m4nS4g5xNlCV8Bqu45uxqSJWtY4Zvct2Kb70NAd3hJ4fhf1DwqdsNRw&cid=CAASEuRo5UlGrQq2jzjXImu1ihLzfg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 598E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxYl8TNLW1u7hlasiLrquHjAEON0eIKaEXRf5ZmLkOVmsYNn-MxVCjMAyMJlauvt34dWR_GTR6UXmEJ_KM6bK5neR29rx2zdiYFIEG_kKVt0ffa_hFIdrvcClZLWOISSCstqiguM3vooF57JEheV1FOTsL5Q&dbm_d=AKAmf-BTV5GHXxcL_MyqTDrJeiQa3KfYdrtREyy-mF6zYsikrxEnuvCimIlYiqFk7nydwirTMZhSH0VzoPuqrR_1MYxCVzElP1Xa5ySVoKFE3zot4Hzrxpzu3cVr1lHdYCP8kdJpq-MRk98hyP7mF73ndX8AGNev-dPTY3k6w-q-88xSwtZ6q2hS_u0Ub-qdswDN3XxXnnn1Jp7rhlqRtZ_rS1CxH6qVleq-i42dsEJizlVakf_DOTKVGWoLShyMSK5M9_yY1tDFbzelOwlsh_J_kltWyh74ZfKIhzVhjobces_wm1368Rkxf8axU9CIz03VZgB047tpmCiHgRWfBIW4k0nhnXX8sFQxw6AiN6E8_B4bTw6IbXPi0v2fHV6av_0iEpBXOVmr3d3XAHYH7vHV8vpdAXFIYxFLnB3nSDbKMraqxCf1x6Xjcxtypckn6pUKvjMXa7ziZMwvdxRcE5vjLQm2gsPrzzghm-k5xos3NPPOBJm20huqgJh8Tw5no71nRgE0vbQrcvhn1pG7F3VeMLvGbgibZeEqg4irUCZaHcm9rHy5-O9FP84BqEV8OrHlmbxqJvQ-7omlSWby4yTWeT1luIzNe8s2gF4SuNxB1850LKtpBonPeWEazvoDjkeuDQKKVrG7N9f6mD86-RQ0C0D51XDoyuQTU7eSjrB1fDuO_tDS4t1dmfsWiZGtLoK2pwxKqBhwfB_VmgmjmrGwPf3L7uCJ_Mmh__RGLdIVUxJajoLql1A0mnbveT_H3xcBKZtGryZz8FT10jvEYKvTEbgRBmlmIj6S5iiw7R0HJHOmwfcSWySI0yHi6n-GkXrlNG8GK1i-AYiCvn9fqWhQIpSBJemBGdrc7GfIi2qgqU73Q7EU_14qbak7akArZniZEmlQtqNQm9lL9Ad2-izPPi_CHkLqXCJqRvCn2mmGbegx65wzehq1-iBN8Xfd16CLnY859NTSqYQD_ej-oj58tD8erLAD294urujUTjZkBo1PzcQvGou_ng97ladwm5Eh8JL7hoie3lSxYq3j3NHr3A1Oc5QboSflc70gYoCHu04XWgzcK--N5sFePtGq6vxr029-XkEaLJ1h70ZXDOISQikf3SL2UpphoIcFTj22_xRxL60uPn5Po0lMJAiLtaX3og_5CUEL0ObtfK214eTfSyoRfRL4Jy_BTLpsc1WSWRVvTCs9Rh_zTkxtNu43QIQYl2wjMhNdoe4obhIVyW-NJNdn3Tp5sdqFzjRcLgOKcE_L2PNotZaqyC57pmi3HJ9ItX_Pojd5i26CE3lUjW7We2GI7aflg0h72ifbxC76tmaVKhROaxSbDyku3n-8d33Izq9LojPeIjcnmcy3a4GXz5jj3ST2aDMurIWWmbbUndXGMKYBUrdcMLoiuSqpMXBKy-Kz3Gyq5x3utLlfy7b-zSnbIHDs1d5jYTVsOCiCt-1u0HYK6qPyE2pBauhyab8so-qLv7Z2furBPoSVGjz6zfQ-D0AS9z9xFfDQ1rUEeIElYD8pjU2nYPsoBXLoc7Jb9W6oH1N6EOHToIR2Ofc4dW0uGjH_hx1wS52itDcaeReCX7BXhzPi0MQ4GpWK_8olvbi-OyEsz81nOE7eHjm2iVQthkUWXBGNBTiN3jnZtnbCgYKm0uWUpHnJIvTIUxgCncGneSzezUT12sZ1RyDX520li1X7TD09fy9sUPRGQQvc7kHZVChA7-VdRRL7thDoRCM-mXaKjYDP2Dq5ezxObJ_9DRrAidMioYveAZsBWNfOYpqDK6ScmIK7YR9qPu_j8HDjpcpaBMtuE0NrKHwq2qkH9VBXoX4Rr7AsL98HtHgb5PYriY74hQCGd6T5sJPtMncSzViiGNjjo8oDjhvMqaPYQnL-FZck_t8uJXOkhcr5Tlogwjhh1ULPtMpV1ldfN2HAANq4T5vkSA7nSrHrt9DVGGXG6NDgGA2InczcQ5RFeTz57Cue_VR3ynadwjvTH5xmdyFksxAKe-gyIyE0Nk68Mh0pW6qAgKCqVGrMK6Iu4p9De-IGlTuUIs-qL3Qcw1mucAQx6AtAATvt4v6szhJp541xU2Yf-pLzWuElx3gpHDylBLILli14JD5wPRB_DO7UvtkjmU2R7HYDLlMRHZKc0x4h3Yi_SdFZ9OMBaRlsv5RozIDFtq5w5U1w53Ds4S94M2K6I9Cx89YfbAYVuCGXUINdgEehVDw9rqK_q-fWy5VeZMLl15dVlun-167-E_2_NkJYFjanbLJSG8Quq2Oub48lqRcKLTFwc14TWn1D5R5rwlJ8e3LbYhdQt565rEXN5HBFhnRzcSvIWYxCA6OWO_GwdSHqOwD3yY2oT9-TFwd9iAy8oixSbAhM8S22MDn_dH3cVaYAD_a2k5t21jPWvepKvU4T0ZuRmjMp-TC_TIf3EGQ80jv88WSg1zoUckO6XGGNKUZIet9EXKjBpskZtevgnA6dzl8wW5hFfu1YC6Ywu7cc4PjWY53CDmLlEGSRbB0wOdn30JDXv7x3_XILZe2P6W0VeF1BVjC3A8Ki17P6LQusbg8PG4yd8Lum8x5PNbiJTu7-8Qgk_z-hs8v6xQZxwDgprGUoxagVPHR2fta_XGAC5zODHSoHb57ZIeUStRCFPkQig0MWhrRCdbOcWiWYYkqOxXBCxlr9aciGwsqoXZ9Lpr-_Rs4p7bjKfi84TYXuWe9Gc3kNe9vopT8cyUI8C3i0T5SW_QW808QkKZ82FtpwjTtatKu0WCyoZIcXKc_2nfbt3IFinAlMD1wWUL2GVIRmRvH3z_c6Jo61d9FEIGtuWkfowTQ4-ktuPKVmLY6t86-SgeHUuaum59Nh5qJCCUGAzeli-p8gIBp4Ap5xpzeeOwEJZQWHeyt9IghigAWv6Lm_mksVKuwfOo5nJ4NA0mFSMU9BcB0m4nS4g5xNlCV8Bqu45uxqSJWtY4Zvct2Kb70NAd3hJ4fhf1DwqdsNRw&cid=CAASEuRo5UlGrQq2jzjXImu1ihLzfg&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:44:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbmYcVYGPRTzwsajwogSwXvwdKxEpl0Hp04tFJyHaxUrvQO0qHIAw3f2jeY0SSqUv7tApkYJuTJtm4CtWKxiRZFW7JOmBjrDI7QINasdtAMPqz_RhDuznG8xQQmZSFkJ1F2M0EVzYJFo0dFMrvYWLRsEAABbgBvioEZfbWhbzRNgg3jGepXD3kDtLWRvDfWBLqwhz54JwSimTGsO2gVV9yhTJ7bfw1Z6PiWdgTIrbUuV6wHtWlzGEhHMIJKchQHHDLpDCBwA_ZG8X9JOm9e5fc_9aX5wswgdWrmbVkpWrHYK-li1c20fAo9-rvLtL0sNg&sig=Cg0ArKJSzIv1NKpVa5ayEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:57:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwrUXphKuCz-RvBOpSdtZAdgJP7efSg6BeCfjjyEzyzgeVzhX8_4-UgbEwOH4byO786rbUrLw8TmCPKDOhy0oChCjyMsBWrMEeROvkOiw68gfB19JjXIPosmiWA1UScA8suul7Kx3YPrDqQnNy1ihVdULbwEHJAHHuEiBF4-fCIscIcusOiiO6x0UwZBd8ZnWjBm_NNAYrqldF8aY0MUGWy0f03FE8ObrnPrR2IoInrZ9urLf6cWMOzkAIymiFmrMcQkzOcreJ5wkz2m_EGBu9I9uiUejY7eW96hp9ezGv5TIqr4_ijQLmg9_xrKCcCEc5PjCZms9iDzliQ2lksOxl5uojbMc&sig=Cg0ArKJSzLxuAMGAZUskEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:57:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DCE1 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bf97815cdc9239734a88f22aef7a83c4346401c468e8b790515fab48f5c58a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8605
x-xss-protection
0
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame C101 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 12:38:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame C101 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrpLECM9Lu-c9fIR896sXaukdh7XtcuREoa0eU6McyJQFyXY9MA0mWxuIo-GT2CHqfd98mHj0cD9ykuxh6FKyaKmrHPJ9RKrpjSN_mqL9kM-DR5iXVQj4kNvGOo6AGO5b5udPOux7ZGDK-xqjQFXf9ehkcNg&dbm_d=AKAmf-Ctuc4SQt8fniiDip1Sw7mKhyMs8QTqZuB41_g9woFLA1UoRN1zek6Msx5URvkj3hnYC5CxjYuzM5KEPwadbtyffZpGGITyOuwde3_mpUZVIbzjVQwuOddkThFoO4pENVZzudKZTrirPJEc4Rwlv4LYZNdno95rKZSydk1Lj8hIp3HGIoU9WrRcaP_pcl28QU3PMEZ12WTv9zzi8Mj-fwiLJgROH6skMU2NKJZPbcxMpOxliVLpkQxj9bWoexwShDPLFmA3-UdDBERrhUD-zcwHjg7zfv_0bmqYNKhSHrld6UiilBLlmPuHsoluOZxST8xTrqI6vSsw3k-RGc5GkfhyrVcuHZhqIDIsRylo5sF7IFc0T7pUPcPkEFNc4ktovMQogkeLFoEi1nXWgOoVY9HuwpCJyg7B_RH715l9UUL8H_woTNXvJpKMZKQNR-yjSaKjkQUMHmS1lhSCeLgMFFak644hhH09XU-ObQN5i0DOhm_ktVWu1jQVT0a8aqWynWGgHiWT-URo3HRmV8krP31OOvK-htI1sI077qtKLsV_XnQfhk5zcJtb-2PGgk5zuHvsiFPGQwMoxZz8-Yy-0Q0IhHQLx7kpyN4lAGtagrii9lFx1I8aXhU1-PgcDEYb4ZJDUJ2qwG0uMk0JgztsJMDTxMA0IZzcTzyzXfDkfHNbG5Z3bmnCXkH2fG0rjhoR5U2WBe-OK4xrT4P-evvAOWHd7FjSIuXhqZtc7GdWJbisEUC38iv66TYIX_-M54K1BLWysuFBmB9vIc7S6Gtt7F9f6Ix7czAkWkS1YS-PeuigrSiSlZRdl7ffQ2rnQV_g0eRK33rWf37Xs_ToYP8axvDI7FFdkXtKgOlacxzqsV2PJBoTskAEx-GtKhbhM2S5bZx44g7MWNyDSB2YMKu1cg-9mnYGFBL8vg-Pejb1OLLkR95HQ0enIiQN9hBxRaWMDmj8ned-FY24SDdWDuKcTINTZOE86gS7mTl9FFI95qyIrOatxthF8546fG5E4f5etqb3amoLBW9o0_LdpeEkdM3axK3qV4uNhTkOpKoPoQlYxmOvSXZSJ7Zj4DwwseLJqTwPb2RAb_W6HlcXlucHwMRppqAcgOywL-DsD6njII77SugF3Lt1KfKuEfpQCV68J9sJhjjSQDnD_-mZVdzvhSPb5c06hf0ZpJrVqgyi-aLugKEqoIFXTxFp4H8hjTYvEaIF-Rrupi2sK9uNGACncuQXOnXLyqMfQwJiTijtGZ4bScIte_tk2R3LgnnvLOxfMQA4CNXeZPLIbDwSq_QaTLTKm574gh0Gzo0KY4TsTothySRmUZHNls2PbSWcUzKfxinSllgIzI4szenx0H5VEtVkFUgKiCte_tEn9yawJeUlchWYgE4jz7k5pkNiFoh8QgjmLZMc84lMTeV_fCHIHtbx4jni4wBFJXU0g8eFIL7siZiwJYo5kT1Twexby52w8YKa9VFk9rXaiQNxCffTAW4QtlnpPZljlRaxWSb9GtSAZ0nuzhIwjvaK1lVtwJxQBuOscFzMtMYGo8VKcFXXLnD5ceoBtYdHASPIVwMGsAFQJ4l3lAM6S_xPFCWePPVZHHFHWTpQC6uywe7q5B8tkjslGzRferH7Ta8_vw45wnBZp7GZT0uA6kVYv4bYwgBfyD_OukKDf2BYgrGyfYtDorAIE8eBYPPJLLJ51eV6_bd7aaVVTdUOYp-lirYXqLTD5TjO-ZUvsFugTonerCAGItwhlRGhxy7Lk2tCr6hjLFxd5iXssfpurXalMF7CVnMOsLdRCmV27Z7QdPWCm9uDNSnrhPXCPdWgMrVJ3AupILUGHdCE-Gtmja3F-FFDfiYKAh3jL7kedoiZv7C-yyorECnq-gT3QhJGu3eYTWucc48wdvlD4P3kobU3wBX99tIr5pOfOr21u4AX1RzaV5BggJNoDMWozoJXfxWSErxdEB9lYpkfMEcEnNHFB0GHmpg6Vf6JWt4aeKie6a_A-rODgNz_W3wNS5FPOVYS4JhO_XviOkrJFWtMK6L-qkBnp99wBw6blPHHSJvxQkQPojF6-Ut8Mpe5ZJYv5DSIU1nB0pfD-sQWy9BIn0IKZtiSIIb1_hiYdM11ji_4NYZs1TKv-uBnYeAQ5kOUg3utUov10WgExzlP4S0YR6ekebH-Ixzy9PEw3YLnwmYK6TB8ZQlSpCEz3GzhUnOamjvg4W8Z4jcORzRtLJAJYkJNMoJKRT-ji0wT4FxjlQ87Di_dj4ExuZDDXLspQqS2lb-v2BOmnXYGm9OSCJUrHHt_vZ7gaHnhm15zsI55s-iK5z5Y3hADciehp1EtHVLGPH_8Sh5hdx-K72P9BaWpF43fZLixj2QK8EpYzt9LslgYcJpWHvJk34ZfMAwcI63-RYqGIcae36Rrx3PH1QC_OdaBE07Vo95ldBwp4sJBPM0VWzZycgSLTW8OWvlJAEMDdNgrxhDZ8WhYyrM2vY6ZQsP_dg7oDAx_GM1yJfTbm0GDwQXAIhXjZuzR0pxMSfo0fxFlbtN0Foz5NxnjWtNP-NxJrBFFoeoJ2cpCgHC_3HgR80PIPquiWvHJ3hWooMBTbTB6qe0a4Mdz_fDZpl-_jSghoEDKZtWOZwrUw0awkuy_J9KLT8zPlCwJixtC_8ykmUjF0auM3v6CdzP7w3vUYa-Zi-9cGQ_DeaQP-a2-XXzK4Lve8Z9sRFpcYY6knt1CoiyBdf0TqrzwFnpQyuHD2hyDV9Uzp71AYXGRSEqvU7kz0-LR44hlpeDutY7OcKCoVzuMTOxt6VQOYBoMh3Rl7iREt7sujXclXLZP0aWROmUGqBI7oSYQVIbaiAL7Dtaw9sFOULNG_lnX_xvMlxgSRrm4X-QexfxcBL8mwJVkxB5MiepGK961UFDzKXyCLE_iZddH25J46hAw1eDgOuMze2McE789jk7vhird_6BnmKGBlGMLqe4E9MncPjyS8w&cid=CAASEuRoF5jDCfzhcMF64rUdzwvv-Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame C101 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrpLECM9Lu-c9fIR896sXaukdh7XtcuREoa0eU6McyJQFyXY9MA0mWxuIo-GT2CHqfd98mHj0cD9ykuxh6FKyaKmrHPJ9RKrpjSN_mqL9kM-DR5iXVQj4kNvGOo6AGO5b5udPOux7ZGDK-xqjQFXf9ehkcNg&dbm_d=AKAmf-Ctuc4SQt8fniiDip1Sw7mKhyMs8QTqZuB41_g9woFLA1UoRN1zek6Msx5URvkj3hnYC5CxjYuzM5KEPwadbtyffZpGGITyOuwde3_mpUZVIbzjVQwuOddkThFoO4pENVZzudKZTrirPJEc4Rwlv4LYZNdno95rKZSydk1Lj8hIp3HGIoU9WrRcaP_pcl28QU3PMEZ12WTv9zzi8Mj-fwiLJgROH6skMU2NKJZPbcxMpOxliVLpkQxj9bWoexwShDPLFmA3-UdDBERrhUD-zcwHjg7zfv_0bmqYNKhSHrld6UiilBLlmPuHsoluOZxST8xTrqI6vSsw3k-RGc5GkfhyrVcuHZhqIDIsRylo5sF7IFc0T7pUPcPkEFNc4ktovMQogkeLFoEi1nXWgOoVY9HuwpCJyg7B_RH715l9UUL8H_woTNXvJpKMZKQNR-yjSaKjkQUMHmS1lhSCeLgMFFak644hhH09XU-ObQN5i0DOhm_ktVWu1jQVT0a8aqWynWGgHiWT-URo3HRmV8krP31OOvK-htI1sI077qtKLsV_XnQfhk5zcJtb-2PGgk5zuHvsiFPGQwMoxZz8-Yy-0Q0IhHQLx7kpyN4lAGtagrii9lFx1I8aXhU1-PgcDEYb4ZJDUJ2qwG0uMk0JgztsJMDTxMA0IZzcTzyzXfDkfHNbG5Z3bmnCXkH2fG0rjhoR5U2WBe-OK4xrT4P-evvAOWHd7FjSIuXhqZtc7GdWJbisEUC38iv66TYIX_-M54K1BLWysuFBmB9vIc7S6Gtt7F9f6Ix7czAkWkS1YS-PeuigrSiSlZRdl7ffQ2rnQV_g0eRK33rWf37Xs_ToYP8axvDI7FFdkXtKgOlacxzqsV2PJBoTskAEx-GtKhbhM2S5bZx44g7MWNyDSB2YMKu1cg-9mnYGFBL8vg-Pejb1OLLkR95HQ0enIiQN9hBxRaWMDmj8ned-FY24SDdWDuKcTINTZOE86gS7mTl9FFI95qyIrOatxthF8546fG5E4f5etqb3amoLBW9o0_LdpeEkdM3axK3qV4uNhTkOpKoPoQlYxmOvSXZSJ7Zj4DwwseLJqTwPb2RAb_W6HlcXlucHwMRppqAcgOywL-DsD6njII77SugF3Lt1KfKuEfpQCV68J9sJhjjSQDnD_-mZVdzvhSPb5c06hf0ZpJrVqgyi-aLugKEqoIFXTxFp4H8hjTYvEaIF-Rrupi2sK9uNGACncuQXOnXLyqMfQwJiTijtGZ4bScIte_tk2R3LgnnvLOxfMQA4CNXeZPLIbDwSq_QaTLTKm574gh0Gzo0KY4TsTothySRmUZHNls2PbSWcUzKfxinSllgIzI4szenx0H5VEtVkFUgKiCte_tEn9yawJeUlchWYgE4jz7k5pkNiFoh8QgjmLZMc84lMTeV_fCHIHtbx4jni4wBFJXU0g8eFIL7siZiwJYo5kT1Twexby52w8YKa9VFk9rXaiQNxCffTAW4QtlnpPZljlRaxWSb9GtSAZ0nuzhIwjvaK1lVtwJxQBuOscFzMtMYGo8VKcFXXLnD5ceoBtYdHASPIVwMGsAFQJ4l3lAM6S_xPFCWePPVZHHFHWTpQC6uywe7q5B8tkjslGzRferH7Ta8_vw45wnBZp7GZT0uA6kVYv4bYwgBfyD_OukKDf2BYgrGyfYtDorAIE8eBYPPJLLJ51eV6_bd7aaVVTdUOYp-lirYXqLTD5TjO-ZUvsFugTonerCAGItwhlRGhxy7Lk2tCr6hjLFxd5iXssfpurXalMF7CVnMOsLdRCmV27Z7QdPWCm9uDNSnrhPXCPdWgMrVJ3AupILUGHdCE-Gtmja3F-FFDfiYKAh3jL7kedoiZv7C-yyorECnq-gT3QhJGu3eYTWucc48wdvlD4P3kobU3wBX99tIr5pOfOr21u4AX1RzaV5BggJNoDMWozoJXfxWSErxdEB9lYpkfMEcEnNHFB0GHmpg6Vf6JWt4aeKie6a_A-rODgNz_W3wNS5FPOVYS4JhO_XviOkrJFWtMK6L-qkBnp99wBw6blPHHSJvxQkQPojF6-Ut8Mpe5ZJYv5DSIU1nB0pfD-sQWy9BIn0IKZtiSIIb1_hiYdM11ji_4NYZs1TKv-uBnYeAQ5kOUg3utUov10WgExzlP4S0YR6ekebH-Ixzy9PEw3YLnwmYK6TB8ZQlSpCEz3GzhUnOamjvg4W8Z4jcORzRtLJAJYkJNMoJKRT-ji0wT4FxjlQ87Di_dj4ExuZDDXLspQqS2lb-v2BOmnXYGm9OSCJUrHHt_vZ7gaHnhm15zsI55s-iK5z5Y3hADciehp1EtHVLGPH_8Sh5hdx-K72P9BaWpF43fZLixj2QK8EpYzt9LslgYcJpWHvJk34ZfMAwcI63-RYqGIcae36Rrx3PH1QC_OdaBE07Vo95ldBwp4sJBPM0VWzZycgSLTW8OWvlJAEMDdNgrxhDZ8WhYyrM2vY6ZQsP_dg7oDAx_GM1yJfTbm0GDwQXAIhXjZuzR0pxMSfo0fxFlbtN0Foz5NxnjWtNP-NxJrBFFoeoJ2cpCgHC_3HgR80PIPquiWvHJ3hWooMBTbTB6qe0a4Mdz_fDZpl-_jSghoEDKZtWOZwrUw0awkuy_J9KLT8zPlCwJixtC_8ykmUjF0auM3v6CdzP7w3vUYa-Zi-9cGQ_DeaQP-a2-XXzK4Lve8Z9sRFpcYY6knt1CoiyBdf0TqrzwFnpQyuHD2hyDV9Uzp71AYXGRSEqvU7kz0-LR44hlpeDutY7OcKCoVzuMTOxt6VQOYBoMh3Rl7iREt7sujXclXLZP0aWROmUGqBI7oSYQVIbaiAL7Dtaw9sFOULNG_lnX_xvMlxgSRrm4X-QexfxcBL8mwJVkxB5MiepGK961UFDzKXyCLE_iZddH25J46hAw1eDgOuMze2McE789jk7vhird_6BnmKGBlGMLqe4E9MncPjyS8w&cid=CAASEuRoF5jDCfzhcMF64rUdzwvv-Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:44:47 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 204E 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 12:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Aug 2021 12:38:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/ Frame 204E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsHmCLm2o1xAU8KJ7ZMIxv4po4UYeGqtcmKqSrnmUExnZG6MMo6_bldMuDAe1WscAjzYwqTUrniFNJn0NGrMvvcvzMSl_YfDxAkH9UfGaAAQwCrIT10FwO95U5ipvt63ku89w-0mE4RFuiDjk_sVr6ywU9WQ&dbm_d=AKAmf-CVV4esjO2yVhhQWYoC81qX1Kik6Zac10PSe11T-z3fB5NNktKoo-z6jjgbONmpicAkA3423AF0Oo-E6OEZrI3rao7ExLGsmY04JMKx19qE9d-0VSvqZZmdVZV9EMec56TVhm6Iyp7C0_KP7ruduX9-r99w0hI-znP1Za2hRpgzucp4EWKAkCNQLI3vrtwSSs01WcAZKT10CMDDiNp2IYoK2NNh1aahPmMHhusvDb6ggM1wUYk5HTlmtBZxWXOEaP2GzhtKRXRSt6fkHcdd58noajTHH33ST0bM7q0iNaBB3AhXgxI58jNyF8FPIl0iMU80EmRHRsqiZG-x1Bs-pvWrZkqF37oRjbUadfvahw6v1q5FOpbBCi8CSWbvZgTJPehLx0xnLZnK-smCtxoCvw-3zs6CD0_5-xlgDDDvMVxpx1O_V3dbhFT6T5Pk4VKIC1RY-bGi0J2OaVxsQa1LIqomAfCuL10_mr7JJ-mYU0x2QL4WS7vAVMT2d3SeJcSXCSoJsVA2em_ATVkCMxfJQ_hFntihqpTzxDXrzXfWCY4_qw49T6nOEOn4Tv8o3BwoHPPJlIyG7zOVc_31pTEs_wjBoJ4eL0ABLIiiMsdx13E2HimpT3fi6dktbV_rixqzs1wAtD6McLsULaDWgDrKAwIDhai-YtSUKorg4_DzoI69WZS7uXqJEMIkvgr_Ecq_btcerj55JO_TbL0MlWD4TubeSabDaw7OZ6JdZeG_wVZm2zHdukJqonCj1_INTpQE84RkdjWqKpNtC4ECzBhw0kzodRLEgNkbe1GAF-p6NQSBt7CiYtpa4gLD5mWYdf3G8BSP0utbMU76K96M5aGJ4pvuQ0w8TGwEFx8D1eCVZp1TuTx8DXpua3H3O870cCvzFg4dPHIBujTI6mlx_Jew7sa7yAdDKP8xv2uv7zs7VKN75aUfvPC6btFdvL6rYCd6EH9MUHjJ_KLpRnOwlSrLt4JlXpbO7SyKOSEmVOOLpt5UwDpDJECnn47iXCxAqHEdEQ9WWpM5Q9XuyY4rTFeU5ko3Nm0iVrTJgLrfEYUSOZgCdUv5QzHPuyn1Yr2G-v-h2QLigTjOpLuVIH_naeO5wGWE6-yXZcB0biBONc-460-xhFFuHcKNkimoe1FGgZ7JN7gTmM9Pb04BoSOObtFGg5axpXpGA5VV2W4CRy83nR3g0FAYy3uDMPDCFPp61U3tPf2Y8ygxSExD4V9LA67dq5nQcgkbXYFUJ7CgFrCqcmc-zm2aILTQiUrengX-WLGZXjcUnl6Aql45KrY1zwIiKeJ-7AvdhP2ywrxPcaNnhIASk-jHy8zBqDJrxsIE847_kcR1U5qY9qIbJUbbJgmCZAKDE-9rkC5yHiImU0t9HrCgUHKRshLtBDuJBl6iRB0EZtIFi6J4kMqw5izqksNutXNRkbylCXC8CepEwu4jrCIgFmn2q50yEGfftdbgbBaZHgLK1Vhbf9HD4abl4P7v1JuFP78Jy_WkOEX9EJF3ivorTy9dDvAGKodz_9SneFD5hZ6OFnPm7Vd0gJS5K-Nbdy8mDvhdqYwjKhE9CHieJYcS_fPkdVSO4hAnXlUcH70Bo4MddlXB7wsVaFkO6uji9Y_zyOjjknkuKPxL0ReZWpt5DKLmZWwO9rS__lXEBjYrg9kFxj-9TsPxTCH16VWPyHJXhbpXiNNhpguYcMGftfZylpzFNtRCz5igzOtWLwD6VYkKvBF6DySVuduErFbO7tuFMtQF4dTbknu2eTgev6-Y9ZuGedCxISxl0Xvf1W3eHc40jfr1TxhpLn9eI3LcBQzuEkFRuDG1m5izyZUajwvvQ4c1onHZ65gibxY3u5xwFBJVluzpp42Ii7pD5hgtI8V9h3BGfugAzmsZo41JE7-y6Br17sbzruFr4Sp5t1xpQwTIullUCvxUg7ZUg1bnReKV5gYZA6GiKjMOLux70FK6wwUGoHrgp4i04dZiCh3A3RFATEsM_mqzE2fSGFhF6CyVbSPEWBUThNBEIGTGN3ES6hBGDYwP5zP1fYwuIthEyJUSWLPL9LEUvycg7UBTc7UIt8ejjvmT-_R672KIbTk8oOmJbepqRimAM7Fgte6jTjn1hxX1oanBHlMWVNlH4WhIsTlffV0De1wYju-4G0oEKlqGLAqh4qNJuFsiz_DaDTw7CFh6RmwSKpJoT7KLuVnbAHMY8Xyq2VO_fWvbHtYzrlZ8dP1c9smN0xflMywhEkDYO980Zk9rNnxDgGT3PMxkDzlDxyjwsANw3i4wHTnIcwDnqzCcVdkdiBUtqlb2m_jfs6b4jRlZK4WtRrSD1Rm12gDWNzkLKN_Iq710obA5uvMecO4jw7Hv3WljjtsBnUvo0kKTRYzTTSagtbOwAYFJX1IhmoN_QBU3ETCV3X4sGmP05I1TTlSvhFzYh2SFG1Z6IIYq5RmyR7xr4WfOgR_lJGSPFAfJQ5XLouiWw6dr9ckCfzoX2o8_qGFxht5LgWvm5SdBHq666Vae40QHVbyaaDgtiZ8BAvyogikJXgD3XDUPSfNGM7CTwVSYpicx6cLU_frqwvPAn3Y1rDMi7I5L0xSmLbAvpx_rv-51RwPKVupz11r14x7OuV4LwuJXr0svwjG1OZeMrjYskKDF0Vp5I1zSCoWO7TaJv0W6NDHHyAS72UTaUmLQeicYLfZr7F26TtX4MjB5esmix0rwkqxiSRSaY6J_is5LNXKyWvukQobiGVr9wCdRtotOyBQGGU5QcmKiVi5qcO3XC3buVL4bit815QK_ekk1HW-xKhwIV3UPHiFZrU1jr5UKDYM-VkgqLfqUVU-kKTjc7aQvszMewM-kQq8X4Nwa6eCiOb0kRmuiLVPmcrm3UvSShcESY_tx_MUkpAR4nyAjYgslifoaGO3digiFMcAe4toCzWn5RYvqKr3iPSRICW1s5ZRSDdVxO04Z2Ib_5yeCkC_hRM2ZeockWQ&cid=CAASEuRof4syNAhPSMj9TAlPg5L84Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:51:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 204E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsHmCLm2o1xAU8KJ7ZMIxv4po4UYeGqtcmKqSrnmUExnZG6MMo6_bldMuDAe1WscAjzYwqTUrniFNJn0NGrMvvcvzMSl_YfDxAkH9UfGaAAQwCrIT10FwO95U5ipvt63ku89w-0mE4RFuiDjk_sVr6ywU9WQ&dbm_d=AKAmf-CVV4esjO2yVhhQWYoC81qX1Kik6Zac10PSe11T-z3fB5NNktKoo-z6jjgbONmpicAkA3423AF0Oo-E6OEZrI3rao7ExLGsmY04JMKx19qE9d-0VSvqZZmdVZV9EMec56TVhm6Iyp7C0_KP7ruduX9-r99w0hI-znP1Za2hRpgzucp4EWKAkCNQLI3vrtwSSs01WcAZKT10CMDDiNp2IYoK2NNh1aahPmMHhusvDb6ggM1wUYk5HTlmtBZxWXOEaP2GzhtKRXRSt6fkHcdd58noajTHH33ST0bM7q0iNaBB3AhXgxI58jNyF8FPIl0iMU80EmRHRsqiZG-x1Bs-pvWrZkqF37oRjbUadfvahw6v1q5FOpbBCi8CSWbvZgTJPehLx0xnLZnK-smCtxoCvw-3zs6CD0_5-xlgDDDvMVxpx1O_V3dbhFT6T5Pk4VKIC1RY-bGi0J2OaVxsQa1LIqomAfCuL10_mr7JJ-mYU0x2QL4WS7vAVMT2d3SeJcSXCSoJsVA2em_ATVkCMxfJQ_hFntihqpTzxDXrzXfWCY4_qw49T6nOEOn4Tv8o3BwoHPPJlIyG7zOVc_31pTEs_wjBoJ4eL0ABLIiiMsdx13E2HimpT3fi6dktbV_rixqzs1wAtD6McLsULaDWgDrKAwIDhai-YtSUKorg4_DzoI69WZS7uXqJEMIkvgr_Ecq_btcerj55JO_TbL0MlWD4TubeSabDaw7OZ6JdZeG_wVZm2zHdukJqonCj1_INTpQE84RkdjWqKpNtC4ECzBhw0kzodRLEgNkbe1GAF-p6NQSBt7CiYtpa4gLD5mWYdf3G8BSP0utbMU76K96M5aGJ4pvuQ0w8TGwEFx8D1eCVZp1TuTx8DXpua3H3O870cCvzFg4dPHIBujTI6mlx_Jew7sa7yAdDKP8xv2uv7zs7VKN75aUfvPC6btFdvL6rYCd6EH9MUHjJ_KLpRnOwlSrLt4JlXpbO7SyKOSEmVOOLpt5UwDpDJECnn47iXCxAqHEdEQ9WWpM5Q9XuyY4rTFeU5ko3Nm0iVrTJgLrfEYUSOZgCdUv5QzHPuyn1Yr2G-v-h2QLigTjOpLuVIH_naeO5wGWE6-yXZcB0biBONc-460-xhFFuHcKNkimoe1FGgZ7JN7gTmM9Pb04BoSOObtFGg5axpXpGA5VV2W4CRy83nR3g0FAYy3uDMPDCFPp61U3tPf2Y8ygxSExD4V9LA67dq5nQcgkbXYFUJ7CgFrCqcmc-zm2aILTQiUrengX-WLGZXjcUnl6Aql45KrY1zwIiKeJ-7AvdhP2ywrxPcaNnhIASk-jHy8zBqDJrxsIE847_kcR1U5qY9qIbJUbbJgmCZAKDE-9rkC5yHiImU0t9HrCgUHKRshLtBDuJBl6iRB0EZtIFi6J4kMqw5izqksNutXNRkbylCXC8CepEwu4jrCIgFmn2q50yEGfftdbgbBaZHgLK1Vhbf9HD4abl4P7v1JuFP78Jy_WkOEX9EJF3ivorTy9dDvAGKodz_9SneFD5hZ6OFnPm7Vd0gJS5K-Nbdy8mDvhdqYwjKhE9CHieJYcS_fPkdVSO4hAnXlUcH70Bo4MddlXB7wsVaFkO6uji9Y_zyOjjknkuKPxL0ReZWpt5DKLmZWwO9rS__lXEBjYrg9kFxj-9TsPxTCH16VWPyHJXhbpXiNNhpguYcMGftfZylpzFNtRCz5igzOtWLwD6VYkKvBF6DySVuduErFbO7tuFMtQF4dTbknu2eTgev6-Y9ZuGedCxISxl0Xvf1W3eHc40jfr1TxhpLn9eI3LcBQzuEkFRuDG1m5izyZUajwvvQ4c1onHZ65gibxY3u5xwFBJVluzpp42Ii7pD5hgtI8V9h3BGfugAzmsZo41JE7-y6Br17sbzruFr4Sp5t1xpQwTIullUCvxUg7ZUg1bnReKV5gYZA6GiKjMOLux70FK6wwUGoHrgp4i04dZiCh3A3RFATEsM_mqzE2fSGFhF6CyVbSPEWBUThNBEIGTGN3ES6hBGDYwP5zP1fYwuIthEyJUSWLPL9LEUvycg7UBTc7UIt8ejjvmT-_R672KIbTk8oOmJbepqRimAM7Fgte6jTjn1hxX1oanBHlMWVNlH4WhIsTlffV0De1wYju-4G0oEKlqGLAqh4qNJuFsiz_DaDTw7CFh6RmwSKpJoT7KLuVnbAHMY8Xyq2VO_fWvbHtYzrlZ8dP1c9smN0xflMywhEkDYO980Zk9rNnxDgGT3PMxkDzlDxyjwsANw3i4wHTnIcwDnqzCcVdkdiBUtqlb2m_jfs6b4jRlZK4WtRrSD1Rm12gDWNzkLKN_Iq710obA5uvMecO4jw7Hv3WljjtsBnUvo0kKTRYzTTSagtbOwAYFJX1IhmoN_QBU3ETCV3X4sGmP05I1TTlSvhFzYh2SFG1Z6IIYq5RmyR7xr4WfOgR_lJGSPFAfJQ5XLouiWw6dr9ckCfzoX2o8_qGFxht5LgWvm5SdBHq666Vae40QHVbyaaDgtiZ8BAvyogikJXgD3XDUPSfNGM7CTwVSYpicx6cLU_frqwvPAn3Y1rDMi7I5L0xSmLbAvpx_rv-51RwPKVupz11r14x7OuV4LwuJXr0svwjG1OZeMrjYskKDF0Vp5I1zSCoWO7TaJv0W6NDHHyAS72UTaUmLQeicYLfZr7F26TtX4MjB5esmix0rwkqxiSRSaY6J_is5LNXKyWvukQobiGVr9wCdRtotOyBQGGU5QcmKiVi5qcO3XC3buVL4bit815QK_ekk1HW-xKhwIV3UPHiFZrU1jr5UKDYM-VkgqLfqUVU-kKTjc7aQvszMewM-kQq8X4Nwa6eCiOb0kRmuiLVPmcrm3UvSShcESY_tx_MUkpAR4nyAjYgslifoaGO3digiFMcAe4toCzWn5RYvqKr3iPSRICW1s5ZRSDdVxO04Z2Ib_5yeCkC_hRM2ZeockWQ&cid=CAASEuRof4syNAhPSMj9TAlPg5L84Q&rfl=1%2Chttps%253A%252F%252Fwww.sanook.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 02:44:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DCE1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:46 GMT
index.html
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/ Frame D997 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
436fb2a07d97b6149d0f8f57dc1a962eda55f409157e3450f075f7157d7816a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1438
date
Mon, 30 Aug 2021 14:36:55 GMT
expires
Tue, 31 Aug 2021 14:36:55 GMT
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
44452
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 598E 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGcrOjSqrA8hGzi1FRFzCfi0mp5ozhHNw5gDqXoKzFiABHa1xiPMr6-z82h6YW7KGX7cOFeLatdN5Upu9cLYRi7pdOFaZM22j6UB1RIvjJkxsdnk4-5Jpdpp_ZzEDbOk8h_9H2sEIgbY4Wti1qO9wacEtv_76GPRAVgKyuz8le5K84zxRtIwvi-Sg--DyhlFQfep-HwXFX9YOopf5tj27vcFMx7DcMKaMqzAbZv4d0k1FR64M0lyjBLsVwKIoIN04n5MsjbZY0OcKufP0awmGQ3GSCXNnSYgqegUdeDNz7XHO1EGDi4y9fUFzAOFd2CihlWjsAGibQ6s-CN3D1B7y8_Y_UgdgOckjvYb8AcYS9A2PB6Yps-ueJtFArIwSjwjr64dKDtherXk39jdf_XlPEf6_3QD7EeawBh5Rt6jYmj3pnBNpltYnyU9oICoTHp7imnt6OfoulZh42iQ92XSA0nEU9dafRTiBqjoIuRZZYLIBkW5RLK1IuKva75dx4c5Po3vzVmHHBuCRjcc4oBYa02VgkezYXyhbbLJz2_qWP-v4WtxpgZc3aURCmbOoTxDWrrqKSqWNHpJ7wWu6M2KPoD2xzNta4mcJSAekOLLxQTLgz3jU1IUHx-z5TADDAFFunHk5gQ__oTRM22uzg0ORrg1ZwSJsIqk1QEtLCLsd63T2VdPSegYeNlVUHIqxsGc4WGwYqKzUH2ZoLoaoEj3xmsE6SReUzDpWVPLj3UFwfrezbi8_94ApA8OrNi7vrGKdhdcXh85Lz_fa-BtacmzF3Tssj-dZU34Ee-OhsMdNQ7CO9tSRfbNS_rXbjLohfARni3M2swKkaZFbp0K3hpzC9YZ1-aUnAnIajUkhsPJvgT6AEYmrK8qLYhIQvP9_oNoUdJkGmtO9nuz7RU71Xbu7Hg2EIs-28zOSNkPZT21dBt2DD5UvmxunIZHvE1oNJMPaWJVgPz3hX2gKseIIpGW2KVJ1oyAYAOmsVdSXOUyEM3ecfmCwB3FyGUYP0CBVb4jbCMRdg5JcQ2WdIveXA8oeoHSgHoOF_YYtbe8yzs1z31lZ7G1UpFYeyZowh534rCltLFQclC6o34-WVbImG967vxmVZIAxQ&sai=AMfl-YTSgyL1kcE-o36ZJ--4kFLEyl8XMqVz_gIQ7KASl81GOM5fHtXxqQs5G9RStUzE860sjnKahBhdggzx5Yolf1FZzxkGBRl9wxjZaTJH-7jtJVLwpKbkeWAZZLqlXd3fp5uaAoLx2WfaGMitWtgbXgqwAfbyVQ&sig=Cg0ArKJSzEPXRb_egXsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=113&cbvp=1&cstd=110&cisv=r20210826.34129&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 31 Aug 2021 02:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame BBCC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1438
date
Mon, 30 Aug 2021 09:49:50 GMT
expires
Tue, 31 Aug 2021 09:49:50 GMT
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
61677
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C101 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufBzd6mVDDpfnRShGb3TEPYsyyA6ffAbZQRdoSYFLSwTDob9wIF78pBgamuNgJV65nb1FeDaJAhZsiSapmlEN9-uGewxyiT0fW_q0gf1Nb7KpJhIWk0HRK6B8GuWXHqbO9oa-QDoEboi0F4a6D2u7YWZlzMBdG6GGFWtdXdkclHKvKIrkoruMTZa4wN5FWAk0B_fT5xZ4K7ZnQusrh07XuzwIzzr-s_L8_msrj74b4Yg7li0-kjKfP5vSH2nCiXKImLS10qU2IQ58nv6CIDDLK71MugXIwST_4SKxQTaw-c7re12CUh4Gz58cEQhYrV8aRw_iSHuZIbrDW8OHCFeqx7RyV-KJNnGQvnkdJ-Qel-v775b5I2aPhlAFfiP8QfiscdtBajH6_tCsqhFuRAVrcvZeZenWWsj1WPnhro2Itf8794cfMwzXToWRMvzB_TmG2DfbOBF3fMUq1e5AF2qrhRRwe6llWDRzvvek6Ih8otB1tnpbzv5DgQjUnUo8-gwounyCw4_7RPI83c4zBTggkyge5vCWVGkIhKL5SJLeTLwZaX5U9HHkRps0Uiam08FLhg4nx1uClmq73iqqbuehP-ztrFAEwfDuYcDmLCREBj0d2IReBo0jSBxK9ya5asGUkOwdj7NfARakNGsZ6k8t1OZF78wig3WP2EJlZYzNoZ-y7GHypX4_KdAWWwDVs2fAyO9FGH3098yqFXYcSalqUoO9YyFAQ3sDkoA3TCV6w5ov7gew5XVFyoCZm6UKnkijSqs4rjOEi0O2uy63SQA6tdIGZNJq_h5ckI8X29IQ3myJT0PQdmrqDTG4LT58s5MWBsNE1rZqJ9yLsgaf0a_Q7w03QnhZyAhRAL_BTnuZknrBrjPu66WbK7YxXu9iZv5UkpNqm06AByhk_RRqDblOqJz-qs8zVoZ8dNrbUwGDO0K5O8C695rimmALx2rGYwp2tQnG0ydCUvL8OFVw28c2umdYOm_FrWSjhTLoFhc8-Qy4caU5z9WC7HK0byqhZdjNEdzrLPjy95lpaVy2vFxib9vSlUcGdecIM9700w4xLOlD0LQH4zMMS6yKSicw8ToqYMxbwHBr9eQh5lCHmGfKf1dbedXJSdhjJKA&sai=AMfl-YRvUZymOZt6EPHpNDxCUVhfn23GWcXBeeA0eyltVg1UJZlUdgIB8s6Ie_t_2wpgQlzGUUz19mpLZ84kVvAhqm8kwKJ5KnlZXlV7LBCdjq3joOITqslPJVCoFs4h4iVQY0oaAzYhPSM2Ohz7rKuwrV_CobD0WQ&sig=Cg0ArKJSzFoTvAjvafjvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&cbvp=1&cstd=62&cisv=r20210826.85837&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 31 Aug 2021 02:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 598E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 20:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 20:17:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 809C 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 30 Aug 2021 12:12:35 GMT
expires
Tue, 31 Aug 2021 12:12:35 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
53112
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 598E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
146749d9b86903f6c1fcbfecd5cf7e74ceb111f0d39951b5c90e99cf28d86b7e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/ Frame 8438 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1438
date
Mon, 30 Aug 2021 08:46:49 GMT
expires
Tue, 31 Aug 2021 08:46:49 GMT
last-modified
Fri, 25 Jun 2021 12:36:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
65458
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 204E 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvMYGZkDK6b2AGpsEAedLl_m463bLUjX12t4U-nwGkcrtc2Ardo7Z27HUaRnDxOnTJ02wQ1FhfFlG2LkX6e3rSAULfMmZrwxuOW0MTOSgWoJECFFpcQ4d4mYIYbnuOHPFeH_jUVP-tTJYInXg49VTU67YeKE0ctKOQlmf1hxIr00XoKZTrOd783Y54usKutSxRmQI3fhfKKnZM8auawNLQfJiQnOxJ3_snGqdOuExw_5Ciug0Mc0DnYEq4IeVQgqd3vPHpd3zVCl5yEK5BWS0ix9jCUWKiB_Rd6UJ7OBPYWxfuZ-Ai0JObzUwc6_Dgh7-FAnXbveH1Gds8DE2SFYGYZLU9kCdHw1aiduITpojW5K0OSiBot0Kuol5R0f0Qc7fi8BEK-zFbIVd8gxADTyIrCTQf9G3XJSloX0VG6osOW8WZdAbwtQMA8ukS4ExRNbUIzmPY16tlwfR4Y4z9hdZUzD5a5IRa5de0Js_z4zx0ZwL2yk_X81_9IEHdjhIAV2n-M8hpPZr5KnZnztTGVXyOLTUeL4RQwj-EFjGtRWP88LnCN0snh7DYHoJPc3AQQENBsNcTzkYq1jxaWV92DZYVO9JjuUUnQ92NbW8xEoMmfaKjPYxR5NmPzOHSGzNPgNYUP-gvR1KVaW98l4ao8rG0KaI8z3GfQ5hbZGykOHCgKpDNFAUIRIYsi3xHapC0NwZ8f1x5RUR3C1BOn10utjwrXtPbs-bjlKdn2Yxcz1xpD5MV28F6tMtObB2tSgir_lhb6Rn3JEP4NA2_c7WZTUUUxKEgwowYgO4hrZYmV1ux1Q8yBnurH5slISeveIrL5rdCw1gLc1Qs1VZljV7Mw05k17ILUPc1XQdEes2yKNKBamM_1zIEYY37FeOr5S8CAtg_QftpwHI9w6FqpVzEpBeK-iiP4f0K1SkVqicSMv6n49mQf0f_xVLgkqLFlfV2Wna1h-JvMMLVjZaDz6eRxgOpYSYVUnC1Suy8_h4Aabp908OOFoQMW04YHj3DqTyy0nBbYPZ35za-tw0Z4vVZZ-Z_QfTGVaAZQHgWxvnf2XZCqnL4uWEDqwvisp6L54D4ADq_eL2KD15jRQYphKQ3WOVvp_rceKWRjCbtCQ&sai=AMfl-YROAbrG3uB3m8EjgdzL9mlWKJDrJbOKZnHfw-EDcknoVw_3LMSNox42a-jMc_Gnf74V6NqwAAAwS_m4IMHy5MUAgZM9eooZoYuIq_pDBCVotmzTrBSwbEKTAapFMJDAy53eF8ijyRv-u3chkzJt5N_9aRbhIg&sig=Cg0ArKJSzH2p2OZ06APmEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=91&cisv=r20210826.23644&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 31 Aug 2021 02:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame CB5F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 31 Aug 2021 01:05:20 GMT
expires
Wed, 31 Aug 2022 01:05:20 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E2A1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d98f7c47aa7136f264d8ca69558ac9a99357614f68c99df2c77b67188a51b2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OA++m2RrUOXRfKqA6Q9tIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 31 Aug 2021 02:57:47 GMT
date
Tue, 31 Aug 2021 02:57:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OA++m2RrUOXRfKqA6Q9tIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C101 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 20:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 20:17:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B329 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 30 Aug 2021 12:12:35 GMT
expires
Tue, 31 Aug 2021 12:12:35 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
53112
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C101 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70888bd52108ee4384de6a79bcc2395b7a594f1f3733d2ce04d4b6899e1c28fc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 204E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 20:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Aug 2022 20:17:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 88C8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 30 Aug 2021 12:12:35 GMT
expires
Tue, 31 Aug 2021 12:12:35 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
53112
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 204E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87457a622ea97b393a3fc6c5924456324d339fac6853d24c1fba583226f99324

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE00 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 27 Aug 2021 09:05:30 GMT
expires
Sat, 27 Aug 2022 09:05:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
323537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
style.css
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame BBCC 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 18:00:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 18:00:06 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame BBCC 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1984627
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
32828
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKvZUNG%2FWmOhDnPUwse993s%2BDDORpRCbkl%2F9cg0EEsZy2oyTtRxtc6yyiGqnrSGj%2BN9wMv6j3dv0mHN2VthqFonfub%2BwH7e4IWUOOCE86vCAa%2FQ54k5ZZ3QelAJLzOl4qgcFhzsrvw06MbQBCv1HABec"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f154a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
zepto.min.js
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame BBCC 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
608380
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-6233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rpg%2BNzt2UXetKkMSheNsoOjyOYDHpywDvuHNCaUaq3YbYxYS8HUeyvCWn0zsiBMws1dHBDocwhiUt0Aj%2B5ItyjKOA%2FaRFW0cRBrCoozbgE4OoXlcPgv7TjUrsklfBptj6%2BK%2BUDxr01Q0SHNZVgoKtgtk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f174a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
main.js
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/ Frame BBCC 		1 KB
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 07:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
523
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 07:26:04 GMT
style.css
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/ Frame D997 		1 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d71a2b99a45d83fe742e77777daf8c55fd4d37ace24dc432e293cde0d3205585
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
516
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 14:36:55 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame D997 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1984627
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
32828
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRivSTYBsE%2FkN4eA4XC4rdDhBMA1VpuHpz2IbAPqo33P1DeJv8N3K9ffhsthoiGbt0viq28oFUNGvhXlj%2FcJegEHGOuv%2FbSZzGrKom7ymsiISz8ipcsB4Hv2YVNLfwLRgZ54I%2B9ajdrUHBaF5jn1FIvg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f184a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
zepto.min.js
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame D997 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
608380
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-6233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tYHHJcF7Wye7iGHyYZhlTyQKp10tiovfUpGFJTtLj%2B%2FlnWNPOm99w0jQcdVlZEXvemmmUW5rRZ%2FlNxx6XnQ%2BFqK6prb%2BZsE652HZjlJBjfZSKHpzWv78yQKC%2F6ZVWI%2FMndmGMQGQ0Kky5HJ1tUJUvS3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f194a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
main.js
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/ Frame D997 		1 KB
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6517a830207b1c158d471121e399fc3cd7246fabb8ce47390675917b4e17d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
522
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 14:36:55 GMT
style.css
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/ Frame 8438 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 03:20:53 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/ Frame 8438 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1984627
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
32828
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1b8f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9PrVt0ahMDUzrDjHcycTpwlbyNs5G5SrReoMmJzSZhpdzdftDvrCNsDy6HdUhKhl%2FUh%2BeBcksSjtcEz1p7k5ZaqXfSGd8w%2BuQMT3zhPClZnm5Q5weimAJV3wRIkrMWl5Nwp46vjuF%2FbIfUUXMG%2Bg1ux"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f1e4a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
zepto.min.js
cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/ Frame 8438 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zepto/1.1.6/zepto.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
608380
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-6233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKoNao7zeElWWbWbhdchfLVr0ym5Bbmn4hwJ4vF1jIrFFdtIPNcqIXfUYPdfLpiSloKAvXtrrDKJxExXL76legsMn6zef6PesNDiY0T2BfqBwoaHzXquqUS1%2BvhrvZphpuAl7sPoRb0FrA4b3TjVuE0a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6872fe4e0f204a86-FRA
expires
Sun, 21 Aug 2022 02:57:47 GMT
main.js
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/ Frame 8438 		1 KB
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
523
x-xss-protection
0
last-modified
Fri, 25 Jun 2021 12:36:26 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 31 Aug 2021 03:20:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED2E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 27 Aug 2021 09:05:30 GMT
expires
Sat, 27 Aug 2022 09:05:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
323537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 809C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R3h5WUJ3bW4xTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R3h5WUJ3bW4xTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O_fx0lDYepga7VrLUXQfLXs_q68NiHjqbfehEau6rhH3Lvg4UxzjUw
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-033d4d9b32ba647d7@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=R3h5WUJ3bW4xTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPLTy3Q1JbVWblWe0UXji7LStNCMpNuFD3vnTTx2w0O_fx0lDYepga7VrLUXQfLXs_q68NiHjqbfehEau6rhH3Lvg4UxzjUw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 809C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLqWeXnEXHubZaBH8TsLxa02M6v3iqBIFMs5HQaw02gcY3b7x2peDqxFUur7nBQdPaVMBmK0Vb...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLqWeXnEXHubZaBH8TsLxa02M6v3iqBIFMs5HQaw02gcY3b7x2peDqxFUur7nBQd...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 809C 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOSyQCm3GSOnKQSUznCVKlw&google_cver=1&google_push=AYg5qPKDlESmN9HC2q80lNWvEi9WphQ1f8XCaEpH1mcaIlBY1DnorPYOJawcleSLAWEzGiBxlw2TKBLllfWXUjQ90LW_3m4OxUFm
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 809C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTU3ODkwNA%3D%3D&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2UEbE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTU3ODkwNA%3D%3D&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2UEbEMTdBhLXBVv
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTU3ODkwNA%3D%3D&google_push=AYg5qPJSuX3_tKhMeTNFv7xwXimImhBCrkHw530uFlSIcvpScMNbhOPcB9lJP0fCxM2AsRgqcLcdtVuHXzlON2UEbEMTdBhLXBVv
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 809C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq7EKB8qdZHpJtD4ZXvpgI&google_cver=1&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2-5...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2-5YS4lF2PqKWP3rURpWUYf
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKHzpm-urM_S39I4X6XQTuRRhvhPAt4MWGblK2egDn-39ulFvff2oQbt7ojIua8MmkFlNcJY2-5YS4lF2PqKWP3rURpWUYf
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 809C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzbPk1qIj0gp88z5jPXwjrx6m5COJfT5wHgM2PUdx6Mv0ZbBsHfW9wVmo
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame CB5F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CF80 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGwlPjOEad9igQV16C1553UYy9EhSJaLAWeDnTQt9NisEpjKlBhBMWo94ztjgtX8kbqV3_UebWtwiVAI3ssFpbZG5PL_0oQJRIUK73Wn9FNQv5sh2V&sig=Cg0ArKJSzME1QVOFp5hQEAE&id=lidar2&mcvt=1004&p=344,108,789,238&asp=344,108,789,238&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2209700283&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630378665920&rpt=316&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7F2F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 27 Aug 2021 09:05:30 GMT
expires
Sat, 27 Aug 2022 09:05:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
323537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hero.jpg
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/hero.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baba37d2723b7fe15feac903de74bfedccd6953a304e4a11b518884189ed63ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73900
x-xss-protection
0
expires
Wed, 01 Sep 2021 02:57:47 GMT
outline_a.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/outline_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4435a4fde8104837018873f1e1f3d34444619e2d7215c11e9ac3fa66c372d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1534
x-xss-protection
0
expires
Wed, 01 Sep 2021 02:57:47 GMT
outline_b.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/outline_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa67e4211eade7f314c17000572b6b60865098362d87ca5897a11d9b8d01359e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1153
x-xss-protection
0
expires
Wed, 01 Sep 2021 02:57:47 GMT
logo.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d547ef0601715a017405bb2dfeb08267e73b4dbac9fcf9c5774dd10c38c1510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
44452
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4761
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:36:55 GMT
copy_f1_a.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/copy_f1_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcd56118cd1afc04b23cc3a7087467d4c53f759f69db816996b5b97f63364296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
44452
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6061
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:36:55 GMT
copy_f1_b.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/copy_f1_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1c0147936795b9e65ec53f600c4088c7f1ff1c7df80e46c9623b188b6bc73a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
44452
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2460
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:36:55 GMT
cta.png
s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/ Frame D997 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48e320d7c30bc19b24457e150841c53bedb6b51acc3e792ad0f2a31e3951475e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:36:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:42 GMT
server
sffe
age
44452
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3040
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:36:55 GMT
hero.jpg
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/hero.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98aee6ffed92f43d697845c103d37e575ddfaf8db5db86869ef6abc42c60857f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:47:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:26 GMT
server
sffe
age
43812
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62553
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:47:35 GMT
outline_a.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/outline_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:40:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:26 GMT
server
sffe
age
47864
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2923
x-xss-protection
0
expires
Tue, 31 Aug 2021 13:40:03 GMT
outline_b.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/outline_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:20:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:25 GMT
server
sffe
age
85012
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2906
x-xss-protection
0
expires
Tue, 31 Aug 2021 03:20:55 GMT
logo.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 09:12:51 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:25 GMT
server
sffe
age
63896
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5951
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:12:51 GMT
copy_f1_a.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/copy_f1_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dd109e5b71823810abf407ad41458584d4066b2d038d1c80f2a40732d068e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 23:05:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:25 GMT
server
sffe
age
13938
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7858
x-xss-protection
0
expires
Tue, 31 Aug 2021 23:05:29 GMT
copy_f1_b.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/copy_f1_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1249d551ebe5ad030b7220b92d2583d482b6a4cd0ea33a4a0ee8456118ae4990
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:24:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:26 GMT
server
sffe
age
48768
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Tue, 31 Aug 2021 13:24:59 GMT
cta.png
s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/ Frame 8438 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 16:03:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:26 GMT
server
sffe
age
39261
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4036
x-xss-protection
0
expires
Tue, 31 Aug 2021 16:03:26 GMT
hero.jpg
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/hero.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 08:44:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
65624
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50369
x-xss-protection
0
expires
Tue, 31 Aug 2021 08:44:03 GMT
outline_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 22:39:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
15526
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2923
x-xss-protection
0
expires
Tue, 31 Aug 2021 22:39:01 GMT
outline_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/outline_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 22:39:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
15526
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2906
x-xss-protection
0
expires
Tue, 31 Aug 2021 22:39:01 GMT
logo.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 14:47:38 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
43809
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5951
x-xss-protection
0
expires
Tue, 31 Aug 2021 14:47:38 GMT
copy_f1_a.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 15:03:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
42839
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8423
x-xss-protection
0
expires
Tue, 31 Aug 2021 15:03:48 GMT
copy_f1_b.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/copy_f1_b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 03:40:00 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
83867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2988
x-xss-protection
0
expires
Tue, 31 Aug 2021 03:40:00 GMT
cta.png
s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/ Frame BBCC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 05:52:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 12:36:23 GMT
server
sffe
age
75929
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4036
x-xss-protection
0
expires
Tue, 31 Aug 2021 05:52:18 GMT
pixel
cm.g.doubleclick.net/ Frame B329
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfI...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTc3NTUxMg%3D%3D&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfIDMxD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTc3NTUxMg%3D%3D&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfIDMxDmhSGchgV0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc0OTc3NTUxMg%3D%3D&google_push=AYg5qPIFH5dNapEpOLwjgYsWUbOp1NJML2cmkGfK7i2u5CqKgQPDXyRcQ_V5r2epCvZX5N2ERsvi_P8lslhrfIDMxDmhSGchgV0
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame B329
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAgyAa_S0BarNFXOFc-7vCw&google_cver=1&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o1i2eV10TPmvaPRT0QJIkQ2&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp_b48wbheondd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o1i2eV10TPmvaPRT0QJIkQ2&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp_b48wbheondd
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=o1i2eV10TPmvaPRT0QJIkQ2&google_push=AYg5qPKCkCOQcLeRiNNDfmzQQMpyOIOYvaQ7YwvxK4c_bIcz42sGDch59QLApys4jB-SmBNg_W2x_6AO7ignOdXp_b48wbheondd
x-host
tde-deliveryengine-production-57bdbcf799-vf6c4
alt-svc
clear
content-length
0
match
um.wbtrk.net/doubleclick/user/ Frame B329 		0
0
pixel
cm.g.doubleclick.net/ Frame B329
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAbO20S_E3sTL5sr7ixQ07k&google_cver=1&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHS...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAbO20S_E3sTL5sr7ixQ07k&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHS...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI&google_hm=UU5iaVQxY19ERG0xa2hDT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI&google_hm=UU5iaVQxY19ERG0xa2hDT1RHQnE=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:51 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIku98cvJLevtfkMJBYnB5bSQejfGXUa0p-jALct7QhWBVM0AbOHe8fKxixhRM7nf3PT2q5aAKmPcKHSoYTuwum8HudeKI&google_hm=UU5iaVQxY19ERG0xa2hDT1RHQnE=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
rtb2-useast.e-volution.ai/ Frame B329 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESELeZb7jQa36SW5BRYtxn-jA&google_cver=1&google_push=AYg5qPL38Y-_HBd1ZeY91ytXAkamiZ89E3MTDbbxf_Ud9xl4kX_ZUz65U84fCs_NMAeISAiox2HWIAW45K4UhYZlmL5H_xx8Gp1ejw
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:47 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame B329
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMKfFtEGbJsqSM3313u_SPk&google_cver=1&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vc...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2N...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2NTA0NDE2NDUyNDQzNA==&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLh9-EnVwuWh4xbfkEYsUeXmXnjM0yFvFThP-Y3E5wmUAIV1twcPH9MVeq0VATkLStzGbjE3a2whAi4JQucfK3k5vcIj0A60w&google_hm=MzE4MDA2NTA0NDE2NDUyNDQzNA==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
436
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame B329 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI5_Cy6U_o5DQYlA5WzV97E&google_cver=1&google_push=AYg5qPJ3qvpRfoirInQ2WIeujXtQac7WLN1K4-x_b3ic-o1I3NlFoBUy0pVnwTYOzpjtbrXkvz5h7eSqIC0hOTyxwSrt35fYXwgqug
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 01 Sep 2021 02:57:47 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B329 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JluVB0XtfQxmkKv_JOKfAqkJs8a3TkM2tS8NlcmLb91yMaDWsP6B4KBFoBlD1Pr8mKG9C5zwLj
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 080F 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
48767d38-b0a8-4cb8-99f2-86ee6909cdcb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCE1 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2758 		0
0
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1630378667.dop129.fr8.t,1630378667.cds268.fr8.hc,1630378667.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
pixel
cm.g.doubleclick.net/ Frame 88C8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REdFeHk5d2QxTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REdFeHk5d2QxTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_PGM7SPHd35mT78mJ0UgC3wgcJ8VgXiBjQ8QMrp-dm2joQIQfmXmTk
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-02ce78e70e67c0493@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REdFeHk5d2QxTWtUWWE1&google_gid=CAESEHrfztu5T4RSC7MNdEYTitc&google_cver=1&google_push=AYg5qPJiUaRfAlV3PGi29ET_Pmaw5KW0lEBGMxxd21cFL_PGM7SPHd35mT78mJ0UgC3wgcJ8VgXiBjQ8QMrp-dm2joQIQfmXmTk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88C8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECztDr9Gkk4UJwoIoCMOzC8&google_cver=1&google_push=AYg5qPLdwc2N8H9KOTCG9NDoONE9_ryCnKeJC8S4Cq017sY75g63dOCV1xpDDXudIaHKFGKd4NCFVhQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=cQbNb3gjQzmns_5hqzLSMGEtmqs
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 88C8 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOSyQCm3GSOnKQSUznCVKlw&google_cver=1&google_push=AYg5qPIUWkGX9YgS2ZETf9Zvb_XH2Yez8vtfz6RPnKZGUGN60k7BEtBWe8LT3MGejiYOd39La9plrmnP8qadze-CV7_2JUv9UzA
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 88C8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPdlnz1SUO0YXgfEydVMkK0&google_cver=1&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_Og...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc1MDAzNzY1Ng%3D%3D&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_OgtIvq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc1MDAzNzY1Ng%3D%3D&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_OgtIvqZb0nkSq80
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAwMjQyMzA2Nzc1MDAzNzY1Ng%3D%3D&google_push=AYg5qPK5TxH8w7JNd1NY0MV5OeDnuUOyScCeOnNYLT1gKLH_7JKWAmcYHhuc9cTNOgE4jQpf_O9cABZH34B_OgtIvqZb0nkSq80
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 88C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECq7EKB8qdZHpJtD4ZXvpgI&google_cver=1&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qhRi...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qhRiPECxA1Nvl_EUQVxVlA
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkzMTg2ODY2ODc0NTY0MTcxOQ&google_push=AYg5qPKz6JyfYJ0XW_7KdemE9S7FxS3BfMp9gp2Qtr0i9mh0JPrqUUatC0GzCYVSIyceKEK3h4h9qhRiPECxA1Nvl_EUQVxVlA
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 88C8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAcEmxlHMLvR6wixAfwWyonNAxCito1OkWKtjVrVhUjZS9CSIlHPf7CX0
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame CE00 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 21:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:02:59 GMT
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame ED2E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 21:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:02:59 GMT
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame 7F2F 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 21:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:02:59 GMT
async_usersync
ib.adnxs.com/ Frame E8F9 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
49bc019c-9389-4735-b8a1-539a2c7fa996
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C101 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufBzd6mVDDpfnRShGb3TEPYsyyA6ffAbZQRdoSYFLSwTDob9wIF78pBgamuNgJV65nb1FeDaJAhZsiSapmlEN9-uGewxyiT0fW_q0gf1Nb7KpJhIWk0HRK6B8GuWXHqbO9oa-QDoEboi0F4a6D2u7YWZlzMBdG6GGFWtdXdkclHKvKIrkoruMTZa4wN5FWAk0B_fT5xZ4K7ZnQusrh07XuzwIzzr-s_L8_msrj74b4Yg7li0-kjKfP5vSH2nCiXKImLS10qU2IQ58nv6CIDDLK71MugXIwST_4SKxQTaw-c7re12CUh4Gz58cEQhYrV8aRw_iSHuZIbrDW8OHCFeqx7RyV-KJNnGQvnkdJ-Qel-v775b5I2aPhlAFfiP8QfiscdtBajH6_tCsqhFuRAVrcvZeZenWWsj1WPnhro2Itf8794cfMwzXToWRMvzB_TmG2DfbOBF3fMUq1e5AF2qrhRRwe6llWDRzvvek6Ih8otB1tnpbzv5DgQjUnUo8-gwounyCw4_7RPI83c4zBTggkyge5vCWVGkIhKL5SJLeTLwZaX5U9HHkRps0Uiam08FLhg4nx1uClmq73iqqbuehP-ztrFAEwfDuYcDmLCREBj0d2IReBo0jSBxK9ya5asGUkOwdj7NfARakNGsZ6k8t1OZF78wig3WP2EJlZYzNoZ-y7GHypX4_KdAWWwDVs2fAyO9FGH3098yqFXYcSalqUoO9YyFAQ3sDkoA3TCV6w5ov7gew5XVFyoCZm6UKnkijSqs4rjOEi0O2uy63SQA6tdIGZNJq_h5ckI8X29IQ3myJT0PQdmrqDTG4LT58s5MWBsNE1rZqJ9yLsgaf0a_Q7w03QnhZyAhRAL_BTnuZknrBrjPu66WbK7YxXu9iZv5UkpNqm06AByhk_RRqDblOqJz-qs8zVoZ8dNrbUwGDO0K5O8C695rimmALx2rGYwp2tQnG0ydCUvL8OFVw28c2umdYOm_FrWSjhTLoFhc8-Qy4caU5z9WC7HK0byqhZdjNEdzrLPjy95lpaVy2vFxib9vSlUcGdecIM9700w4xLOlD0LQH4zMMS6yKSicw8ToqYMxbwHBr9eQh5lCHmGfKf1dbedXJSdhjJKA&sai=AMfl-YRvUZymOZt6EPHpNDxCUVhfn23GWcXBeeA0eyltVg1UJZlUdgIB8s6Ie_t_2wpgQlzGUUz19mpLZ84kVvAhqm8kwKJ5KnlZXlV7LBCdjq3joOITqslPJVCoFs4h4iVQY0oaAzYhPSM2Ohz7rKuwrV_CobD0WQ&sig=Cg0ArKJSzFoTvAjvafjvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=762&vt=11&dtpt=698&dett=3&cstd=62&cisv=r20210826.85837&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 204E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvMYGZkDK6b2AGpsEAedLl_m463bLUjX12t4U-nwGkcrtc2Ardo7Z27HUaRnDxOnTJ02wQ1FhfFlG2LkX6e3rSAULfMmZrwxuOW0MTOSgWoJECFFpcQ4d4mYIYbnuOHPFeH_jUVP-tTJYInXg49VTU67YeKE0ctKOQlmf1hxIr00XoKZTrOd783Y54usKutSxRmQI3fhfKKnZM8auawNLQfJiQnOxJ3_snGqdOuExw_5Ciug0Mc0DnYEq4IeVQgqd3vPHpd3zVCl5yEK5BWS0ix9jCUWKiB_Rd6UJ7OBPYWxfuZ-Ai0JObzUwc6_Dgh7-FAnXbveH1Gds8DE2SFYGYZLU9kCdHw1aiduITpojW5K0OSiBot0Kuol5R0f0Qc7fi8BEK-zFbIVd8gxADTyIrCTQf9G3XJSloX0VG6osOW8WZdAbwtQMA8ukS4ExRNbUIzmPY16tlwfR4Y4z9hdZUzD5a5IRa5de0Js_z4zx0ZwL2yk_X81_9IEHdjhIAV2n-M8hpPZr5KnZnztTGVXyOLTUeL4RQwj-EFjGtRWP88LnCN0snh7DYHoJPc3AQQENBsNcTzkYq1jxaWV92DZYVO9JjuUUnQ92NbW8xEoMmfaKjPYxR5NmPzOHSGzNPgNYUP-gvR1KVaW98l4ao8rG0KaI8z3GfQ5hbZGykOHCgKpDNFAUIRIYsi3xHapC0NwZ8f1x5RUR3C1BOn10utjwrXtPbs-bjlKdn2Yxcz1xpD5MV28F6tMtObB2tSgir_lhb6Rn3JEP4NA2_c7WZTUUUxKEgwowYgO4hrZYmV1ux1Q8yBnurH5slISeveIrL5rdCw1gLc1Qs1VZljV7Mw05k17ILUPc1XQdEes2yKNKBamM_1zIEYY37FeOr5S8CAtg_QftpwHI9w6FqpVzEpBeK-iiP4f0K1SkVqicSMv6n49mQf0f_xVLgkqLFlfV2Wna1h-JvMMLVjZaDz6eRxgOpYSYVUnC1Suy8_h4Aabp908OOFoQMW04YHj3DqTyy0nBbYPZ35za-tw0Z4vVZZ-Z_QfTGVaAZQHgWxvnf2XZCqnL4uWEDqwvisp6L54D4ADq_eL2KD15jRQYphKQ3WOVvp_rceKWRjCbtCQ&sai=AMfl-YROAbrG3uB3m8EjgdzL9mlWKJDrJbOKZnHfw-EDcknoVw_3LMSNox42a-jMc_Gnf74V6NqwAAAwS_m4IMHy5MUAgZM9eooZoYuIq_pDBCVotmzTrBSwbEKTAapFMJDAy53eF8ijyRv-u3chkzJt5N_9aRbhIg&sig=Cg0ArKJSzH2p2OZ06APmEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=733&vt=11&dtpt=640&dett=3&cstd=91&cisv=r20210826.23644&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 598E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGcrOjSqrA8hGzi1FRFzCfi0mp5ozhHNw5gDqXoKzFiABHa1xiPMr6-z82h6YW7KGX7cOFeLatdN5Upu9cLYRi7pdOFaZM22j6UB1RIvjJkxsdnk4-5Jpdpp_ZzEDbOk8h_9H2sEIgbY4Wti1qO9wacEtv_76GPRAVgKyuz8le5K84zxRtIwvi-Sg--DyhlFQfep-HwXFX9YOopf5tj27vcFMx7DcMKaMqzAbZv4d0k1FR64M0lyjBLsVwKIoIN04n5MsjbZY0OcKufP0awmGQ3GSCXNnSYgqegUdeDNz7XHO1EGDi4y9fUFzAOFd2CihlWjsAGibQ6s-CN3D1B7y8_Y_UgdgOckjvYb8AcYS9A2PB6Yps-ueJtFArIwSjwjr64dKDtherXk39jdf_XlPEf6_3QD7EeawBh5Rt6jYmj3pnBNpltYnyU9oICoTHp7imnt6OfoulZh42iQ92XSA0nEU9dafRTiBqjoIuRZZYLIBkW5RLK1IuKva75dx4c5Po3vzVmHHBuCRjcc4oBYa02VgkezYXyhbbLJz2_qWP-v4WtxpgZc3aURCmbOoTxDWrrqKSqWNHpJ7wWu6M2KPoD2xzNta4mcJSAekOLLxQTLgz3jU1IUHx-z5TADDAFFunHk5gQ__oTRM22uzg0ORrg1ZwSJsIqk1QEtLCLsd63T2VdPSegYeNlVUHIqxsGc4WGwYqKzUH2ZoLoaoEj3xmsE6SReUzDpWVPLj3UFwfrezbi8_94ApA8OrNi7vrGKdhdcXh85Lz_fa-BtacmzF3Tssj-dZU34Ee-OhsMdNQ7CO9tSRfbNS_rXbjLohfARni3M2swKkaZFbp0K3hpzC9YZ1-aUnAnIajUkhsPJvgT6AEYmrK8qLYhIQvP9_oNoUdJkGmtO9nuz7RU71Xbu7Hg2EIs-28zOSNkPZT21dBt2DD5UvmxunIZHvE1oNJMPaWJVgPz3hX2gKseIIpGW2KVJ1oyAYAOmsVdSXOUyEM3ecfmCwB3FyGUYP0CBVb4jbCMRdg5JcQ2WdIveXA8oeoHSgHoOF_YYtbe8yzs1z31lZ7G1UpFYeyZowh534rCltLFQclC6o34-WVbImG967vxmVZIAxQ&sai=AMfl-YTSgyL1kcE-o36ZJ--4kFLEyl8XMqVz_gIQ7KASl81GOM5fHtXxqQs5G9RStUzE860sjnKahBhdggzx5Yolf1FZzxkGBRl9wxjZaTJH-7jtJVLwpKbkeWAZZLqlXd3fp5uaAoLx2WfaGMitWtgbXgqwAfbyVQ&sig=Cg0ArKJSzEPXRb_egXsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=825&vt=11&dtpt=712&dett=3&cstd=110&cisv=r20210826.34129&adurl=
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wl
t.pubmatic.com/ 		17 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=155976
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.sanook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
query
global.cloud.netacuity.com/webservice/ 		565 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.175.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-175-116.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
7abed7595ebbe4b9e6ed39844913ad19b128ec63452e36f55c51ef027d829bb4

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 31 Aug 2021 02:57:48 GMT
content-encoding
gzip
server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length
257
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE00 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3vGOqpotYZLjL7HI7_UP8Oa0uA0AAAAAOAHgBAI&bg=!tLelt_PNAAZOkH6FTpA7ACkAdvg8WknHUPt4sHnT3tifRAHZSqhJOmDKh9iTKqgtjkCy0fDV2nvs1gIAAAEkUgAAADpoAQcKAGZAWsyBqSC_RHC29S7egZSMO8q8OP6CdpUQnalJLMvp-xpyAK4yJPcsb0YrRkBV1C2GZs8Tjbz4Xab7Mc-UKSLijYKTHcO4v_QKZmXmIylQbjyhwD23fj0fuaXbxEr2TR705UkaZqCZAsBlFNicjEjYelzW3cHHDrSpOvLmH7_rv7VMnvHgClwgAh6T8j9FWsEBfIqm226yInAOtZGBb9e06kiFKN2AcMXr3s9PJhbbRCHTzqP6xmBtt_FvIxDbqiazNPzp9QWC628hBYZQDhbGfd4pXBS0n2txeMxpFc3detQ3GEjHVhmJxKiG6-e7pFBcUdJMP7LFSHirBpMkdudnp8DcVx8wzy4KMq5Xxda6M50P4LI5jIbNe7rTtCgxZ3djc1XJjTcv0FGAy3PkyDVL01zEPsxwrsYVNn_k3Z5PFsLnv06UjqWLiKTvpA6MOGQ0P8tu8fjIGrXxwvdVPHUeHU2jcFjs7aoXvtroEOFlE3S_jjUhQsXT-CpqizKk2nyXTz9xElRVC48DymbOyYw4FVc2kLziuAfd2wG5157gwjluTKFEC6-4R6Jic4lE2zv-o37C2yCBYKyWcqR3xtvUvP3dSnn5FM3JAUg7UNxenpU9HBPnjZxSicZK--fG8Px7vXQZew68w-kFmc9Fl0WM8IK6oWBuyOb9BaVzjvEj9AQgCE0kT53rff-Ct1uB73pW4G2syxryJ_OXJ-4ChBiSbY7q-SOluVEl285xS08MthbBNc_n_IwozMUvV8iiBeqIc-GHwskf0PaIiUhpfuGtS93Dd8z5MnNcveEBlrUb5Ds7tCeE15duEcdZBOQGpbxvWAdTSwhDaOBtAR7wqdcBNWlZPWwkQWLM8EKI7o2JEn03y08s53acykpWj7-oooZoNeZtWUg0YK-3bLC9tJ_SQG3YFlgh0J30E4o207u_bxWAoI98ihDmdmT5XW4sd-q_3Iig5D1qeuwGPCKqqQbosmnDjsFNOibyJw9cjFAM7cuvb9fvF14Hek7okdj55LrBDuPpUItoQ70g-OxQ3yX6qBUqYTLi6SKs018KIb55GDpTcZMBQrsI_g
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 598E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPcjA7e9G5OSsGkr2W-cw7G1Wy1tNd5oyu0Quy00EwwZVcSFsn9zzPjveYta25MhZwfnZAoIufrUA2-FqmuIrBjCmDzkxAfnp76cHEB3Hmae7uvUCYng1mQWM&sai=AMfl-YQrRI2YBc-cWpY2zVc960vxvisYo_QPi5wtpm3QRLUSeOeZ56WFf0DqsuBp_5za3ahPULl2u1jgtsSXPhL3mrgJJzZUr1SDe_JSBjcu8McLcbCvk-vsmbL_FyaC&sig=Cg0ArKJSzIaYImddps0NEAE&cid=CAASEuRo5UlGrQq2jzjXImu1ihLzfg&id=lidar2&mcvt=1005&p=75,315,325,1285&asp=75,315,325,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=397997913&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630378666662&rpt=382&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED2E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7bz4qpotYdmFMZiD3wOAqY-wBAAAAAA4AeAEAg&bg=!3d6l3prNAAZOkH6FTpA7ACkAdvg8WrPK63exvPn0_25mLVuVDOx6hYI5rsfIhcZTGPEVsNgurZ0BSwIAAAFOUgAAAA9oAQeZAtbZhEmIJMaXIZ-S7WYWfflgBwd3hyULemdkYwATw2P8o8y3li-7tRH80y8TBY37Tne_rUMvHJ0qUkQh00gOyV1ZcMxvvywsSg1AQt0J_gMIv0y9BCDvlDkn7QJ_0bKPJrinEv3ID8XeGeVZOKU08MMai6_9dQWIhQVhSjnmddPBTwbxPryrTt1D2Aofgd2UXUpGoCSo-MrrWE84GBOBPoSr1sXQQ_T_5qLWuTS8VzbhBQUhOL6EzLwNJldu_wwBjtRocgh5g1C7rYT_zjGLN4NBu1AcWys1HBOAsWvk2CpFwZVP60-Fpq8loYT7mjE_NXcJqDzdvXdYvCRqO278JuwI5_CMmJ5ofygy86WI6cl2qs0GUR9eV1ptRYhn-uFxnWlXwiJtqrCCu0jtXr2wQOJAwiMiZov53d5tdg3WN917ky5OmDiwBZPTwKYU0euvfRvg2axCjuWkuInMbIQYPQLL3ZauaxyvoPaku1pl8bQu5rpvXTFBNe9y0yagfkrJG3KZw8IS35pmo9NN8shfLDwFn6_AoXpmALPIw4_GikPO5z3Hun9rcV4MIHprW-vj4R67Kkfhx5FdX3eKDx2bqD6RyiVCu90ld0yCB91gZEaianLyU-ycYCyLEuhgBp5g1t15CMNRaAeWAr--biGVfQc4FUaaBNCu40eKbJvIzK95WM25hy61uCtccdamKoiUX7a5KNVtXb6C5g3ED-f3NS83hO1Rs3qVKzq3W9GolTx378n1Mb10PrC9eOCrhFVzebjFZV3hkolmfTRI2HKEsN5bfRgkQLvnz4eKnmE3-QcEh0AWkwI1-YYBNt4Hp5trBEraxd4JD5KKHZyE0lWkyMCX0FfR06wu9FrYQDhES8cE9BoOUM-qdXBK3z24RmpynnVdh0HdIvbdDA25ZF_Q0AwuSbBSC05ydSMeqfxm1J_mg3DUi3X85Rh11ayarCiwtrI9vhzCHJI
Requested by
Host: 6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
URL: https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F2F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYs4nqpotYeyEMtWtrATUqIuIBgAAAAA4AeAEAg&bg=!SkmlSQ3NAAZOkH6FTpA7ACkAdvg8WpWDi0N_-BfVu8qVFP7-D7B3QbzU2L1SmOWwvcnquuSDWWDcZAIAAAEaUgAAABBoAQcKAG7VHZmjaAQZaN6yGNn6vYXYPekVfNL8rfruze9DWHPSjf6HTz9Do9PYVPsYhYWEurDSRM4xgpHVSKZa0EAQcEv1H7agRmFpZzNZ2lQ3eHHCMN4jGVSiVoTIc-qa-kJxDrcB8H4BabhqEBx0K87jFZkCyM9pLKWx-d2z8k3gfzU6oGZ1be0TWHLVe-qyN6PPFwTlk3hY_oGMbMydWmPSkToy7zN1AkFTosEIFBQfmj2t-fXXf3vCcsfmGPNzM7CD9sb1nvcdlCU6SkmNsvQo-I7x89Le-NHISTyGoaOxon99wBm8mg8GX87-WC9W1nIG5TOuM0q4OJkp1qdiIgcISl5bsGF5miZGrWJG7gs1yRE02OW88vxsUzSr0F4-gUQBt7iLiFbIuqMv4Izi16u6q6XnCaKQp7HfQZ2iOZDGur5gzchScKjtcz_Az8pATvdmXqfnLkUegLbB6Yi8Jp4bSd4dt94Ge6qvyqwcJ8Psc5R8GVVEd8y2yK3Tn-H9Rnke7A3UfWowaOHXe-SdGV8LYrcAYmrPbVS8INEQLzH_8D_x2uS6R7GqWieV2uoxrOUipAQ90YmVWBaMnV_9mu9rntpf_FVaec7fed4-yJgNBuG5Vb7n6Lg78E3S7Jfriuu_teiRnu9WDLsM0vTuN6yXA2vQ1gfgLKCnfhAX8yfSh0F_hEVEu3rK1DFHzIyLI0C1TwvflqZDxo0qdOUYJKVT1hxqBSTvGfu1POPk1WOTrfQXqAC1opGeHtrBx1Og0_ONdEDvV5O83u2OToiyAzmH7cdSYB_TSDe8ES__e1Mxpi93hG-jE3Ek3s2PLhZeRaP-Gq4Y2kHG-GKMqc_GkKr-abYNTsisa8i_R9tYttANQq4zIvv6gPvnlZXSXafBORUP7XPTmnr6r0sfrrJ_4pb8IBO08wwEI_Gg9n2-g0PNLTsrsxdmmf-fbJ6cThopH1UisMgIWlVZMl9F8sLAvxWNVgGmWanEkOVWhC5V-1EnpwmfV6MuFwvSingS6u--P5dd0xBGWjiaHJxNtLa_W3z1qrtRO5dxpqZeWHDhMXFFLrtIYh0GN467JyP2AQzkvqzFvHP7Yv0j02omKP8
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Jul 2021 15:29:14 GMT
server
nginx
age
449
etag
W/"91f36cb612bb5287d05f3c7044927cbe"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=3600
timing-allow-origin
*
alt-svc
clear
content-length
3532
activeview
pagead2.googlesyndication.com/pcs/ Frame C101 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWe89DOBfdofN4wiIkacEfE8dHpTYVI7avOQnFySWQtNwjbajjj-QJC-QWLGs1sgzedkREcCOFAkA9CcdFqo9XSNLa8CY-uVdcXDbpSFCvawMaX0LT5Hw47QQ&sai=AMfl-YTnoR3JS4C4dmdz-Wwdnb_48b9feMEOYLbGRIxVXg9U8NiVucx_3wxC6D1U6SIDwBu_n8AQzo5qkgeS5pSfnfK9adJOb_vUjEgZehuayQ8mzcrQ7yftundlGtQ&sig=Cg0ArKJSzFaS-ES2-A2IEAE&cid=CAASEuRoF5jDCfzhcMF64rUdzwvv-Q&id=lidar2&mcvt=1000&p=924,1045,1174,1345&asp=924,1045,1174,1345&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2300844004&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630378666690&rpt=471&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A227 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthoKDDA8lzrwU9_wMlqQQ5eS0akxK8yAcfjbNi_Vm_13MxOBsdD8fsgRg9EOhtoPGUjcitCMj4P_1TuCLIgaWOGncUlah4bMjbOTPDaBATpPBSAheTwyfL1-DL736aMpedYORWePidrUvuYsg5_rEtDGuaXlBQSwXpsU7eB1J8OF3LvejrIT2NrpcBkQgzoN1XeiuHVg4oBEKwXWk2Jutdv92qy-MfaIg94CAZFKdjE6c_WbbCFk0FscZiCZfupTailZencArYFu0W24wvqmXQBU2ukxhOGQ-OiClHDXAz1bwFf71UA8cJsj4QaKHcEfOn0T3ERmZDFwwnKwFpM0vi4pA&sig=Cg0ArKJSzBwnRgvJ51rBEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 31 Aug 2021 02:57:48 GMT
crum
dsum-sec.casalemedia.com/ Frame 93E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 93E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 93E3
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B409Y1BVPW53SXTCG9BP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WMQN73SV8A08C0YNTS3X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 93E3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bridge
cm.adgrx.com/ Frame 93E3 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:51 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 93E3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=91A54A2B89424F30981705A958B2AEE8
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=91A54A2B89424F30981705A958B2AEE8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:51 GMT

Redirect headers

date
Tue, 31 Aug 2021 02:57:51 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=91A54A2B89424F30981705A958B2AEE8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 30 Aug 2021 02:57:51 GMT
demconf.jpg
dpm.demdex.net/ Frame 93E3
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v015-06e2d9998.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
O9F0SAf+S5M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v015-07e475314.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HTCoOiFaTWc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YS2aqZW4.eyrdVARZEnt.gAA%261175
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 93E3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2aqZW4.eyrdVARZEnt.gAA%261175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:49 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1099
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:16:08 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 9E5C
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-75-25.compute-1.amazonaws.com
Software
/
Resource Hash
15965cd01af1305315401fe00980e1e2a44c19f3321b3107880fb18a92585821

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum-sec.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=3a6fbe05-a393-4c8e-a3e1-921670ee9ef5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Tue, 31 Aug 2021 02:57:48 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Tue, 31 Aug 2021 02:57:48 GMT
pragma
no-cache

Redirect headers

date
Tue, 31 Aug 2021 02:57:48 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=3a6fbe05-a393-4c8e-a3e1-921670ee9ef5; Path=/; Domain=eqads.com; Expires=Wed, 01 Dec 2021 02:57:48 GMT; Secure; SameSite=None
crum
dsum-sec.casalemedia.com/ Frame CEC5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CEC5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5Y705FW6X8SDP2NMFDC8
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
S30ZYZEP477Z0C029BEH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CEC5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CEC5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cookiesync
bttrack.com/pixel/ Frame CEC5 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:19 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame CEC5
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5fb2c16d-6c85-485c-a083-95d397741119
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5fb2c16d-6c85-485c-a083-95d397741119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5fb2c16d-6c85-485c-a083-95d397741119
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame CEC5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630465068
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630465068
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:49 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630465068
pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame CEC5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:51 GMT

Redirect headers

Date
Tue, 31 Aug 2021 02:57:51 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:50 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CEC5 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2aqZW4.eyrdVARZEnt.gAA%261175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:49 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1099
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:16:08 GMT
casale
match.adsrvr.org/track/cmf/ Frame 80DF 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS2aqZW4.eyrdVARZEnt.gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYPuU4hIFTRrsz_Vu2o-u0&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 80DF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PPVBEX79VJ8S72X2GZN5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MJBFGAS4V70JZEQS4S34
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS2aqZW4-eyrdVARZEnt-gAABJcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEtl6dzEFqqzlzBkBMuGIxg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=yNKIHfZX1MkTYa5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=yNKIHfZX1MkTYa5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:50 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:50 GMT
Server
PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-0670be21af8977517@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=yNKIHfZX1MkTYa5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2587956745768064457
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2587956745768064457
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2587956745768064457
pragma
no-cache
date
Tue, 31 Aug 2021 02:57:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b9c9670-6125-4a7a-adb7-66f9c64b1623
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b9c9670-6125-4a7a-adb7-66f9c64b1623
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:52 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b9c9670-6125-4a7a-adb7-66f9c64b1623
date
Tue, 31 Aug 2021 02:57:52 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 80DF
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=35ec8677-3483-4bcc-83f7-5a4a7bc52d5a&expiration=1661914669
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=35ec8677-3483-4bcc-83f7-5a4a7bc52d5a&expiration=1661914669
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:49 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=35ec8677-3483-4bcc-83f7-5a4a7bc52d5a&expiration=1661914669
date
Tue, 31 Aug 2021 02:57:49 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 80DF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS2aqZW4.eyrdVARZEnt.gAA%261175
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sanook.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 02:57:49 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1099
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 03:16:08 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E5C 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3a6fbe05-a393-4c8e-a3e1-921670ee9ef5&expiration=1638327468
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 02:57:49 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 02:57:49 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4C72 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
tap.php
pixel.rubiconproject.com/ Frame 4C72
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Tue, 31 Aug 2021 02:57:51 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5b68612d-9aaa-4500-9129-a1c53cf1e0b0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 02:57:50 GMT
pixel
cm.g.doubleclick.net/ Frame 4C72
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEQ0TkstVC04SzhT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEQ0TkstVC04SzhT
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaSEQ0TkstVC04SzhT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C72
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zA0Uj8XYtaxqwVI_CFuwWw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2283188919631550807
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2283188919631550807
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

date
Tue, 31 Aug 2021 02:57:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2283188919631550807
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C72
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTYzOTk0MWVhZmI3M2M1OGQzZGNkNzQyMzkzZDU1MDA5OGJlMWY5OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTYzOTk0MWVhZmI3M2M1OGQzZGNkNzQyMzkzZDU1MDA5OGJlMWY5OQ
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTYzOTk0MWVhZmI3M2M1OGQzZGNkNzQyMzkzZDU1MDA5OGJlMWY5OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 4C72
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHD4NK-T-8K8S&sigv=1&esig=2~e85bf5e2ea0aa3acd09eaa2b5c4db80fbec56e0b
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHD4NK-T-8K8S&sigv=1&esig=2~e85bf5e2ea0aa3acd09eaa2b5c4db80fbec56e0b
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:49 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSZHD4NK-T-8K8S&sigv=1&esig=2~e85bf5e2ea0aa3acd09eaa2b5c4db80fbec56e0b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 4C72 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 4C72
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YS2aqgAET9oobQA4
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YS2aqgAET9oobQA4
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630378671.961663,VS0,VE0
x-served-by
cache-fra19153-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YS2aqgAET9oobQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 4C72 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
nr-1071.min.js
js-agent.newrelic.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"a1a545c95f313a230157b47dca555c25"
x-amz-request-id
DM30SWKKVC6S9RTW
x-cache
HIT
content-length
9086
x-amz-id-2
PB2dZdkBAg3MOl6rQOIJs4rDAwkQxHHgoudypaqkid0YQ+oThDmxYru0sr4ENZXjvzCv3wU/M1w=
x-served-by
cache-fra19171-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1630378675.633546,VS0,VE0
date
Tue, 31 Aug 2021 02:57:54 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17
syncframe
gum.criteo.com/ Frame 6003 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.sanook.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.sanook.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1874
set-cookie
uid=600e7e6e-4436-4d04-ae1d-1240af85c547; expires=Sun, 25 Sep 2022 02:57:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 31 Aug 2021 02:57:54 GMT
content-length
4666
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789d1330ad94e742ece74db2e248347186ff8db4d57571c14149c636b53f6580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 02:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8515
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:57:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 02:57:54 GMT
8f062114d3
bam.nr-data.net/1/ 		57 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f062114d3?a=50891400&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=14315&ref=https://www.sanook.com/&be=3626&fe=14251&dc=3764&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1630378660388,%22n%22:0,%22f%22:1842,%22dn%22:1843,%22dne%22:1843,%22c%22:1843,%22s%22:2042,%22ce%22:2513,%22rq%22:2513,%22rp%22:2712,%22rpe%22:3110,%22dl%22:2715,%22di%22:3764,%22ds%22:3764,%22de%22:3764,%22dc%22:14250,%22l%22:14250,%22le%22:14255%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=iso-8859-1
sid
mug.criteo.com/ Frame 6003
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=sanook.com&sn=ChromeSyncframe&so=0&topUrl=www.sanook.com&cw=1
  • https://mug.criteo.com/sid?cpp=h7eo93xIaXZ6Ui8xd0p0MGY5cTV2MzIwTFp5Nk82U29SU3c0SHZGZm9UMGhyYjRKTG95eG5BaGtyL2VsaklCRTJiNmk5Z2VydXdjRVl6dWJOZndQV0RZdjdCVk8wZHhSRWh5OEt3d3FUV0x2bXVNVkpHdHNhVU9LSkoxRW...
419 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=h7eo93xIaXZ6Ui8xd0p0MGY5cTV2MzIwTFp5Nk82U29SU3c0SHZGZm9UMGhyYjRKTG95eG5BaGtyL2VsaklCRTJiNmk5Z2VydXdjRVl6dWJOZndQV0RZdjdCVk8wZHhSRWh5OEt3d3FUV0x2bXVNVkpHdHNhVU9LSkoxRWcxQkgzSXc1Uk5YMjBMSEtTQmpGVDFnT3VHTmtEUTZzZ0Zxc0VRN3FwL05uellraUNXSWVmd2V5UFEybTl1YlNieHNQcmUyS3dyenppYStKMzY2eU5Xb1hiWTdnWGswTTVNR2lSS1MwdkpidjZRQTBSdUxqcEZIcU5MWWUrdmNBM1BMRkVoZytOdkU2aG0vMEFjTHRKU2lhMHRGWFBQUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2a3fd4a32e1cb9eb6937974e50de565da5b8aee63c7fa202b947dfc741466eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 02:57:54 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2101
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 02:57:53 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=h7eo93xIaXZ6Ui8xd0p0MGY5cTV2MzIwTFp5Nk82U29SU3c0SHZGZm9UMGhyYjRKTG95eG5BaGtyL2VsaklCRTJiNmk5Z2VydXdjRVl6dWJOZndQV0RZdjdCVk8wZHhSRWh5OEt3d3FUV0x2bXVNVkpHdHNhVU9LSkoxRWcxQkgzSXc1Uk5YMjBMSEtTQmpGVDFnT3VHTmtEUTZzZ0Zxc0VRN3FwL05uellraUNXSWVmd2V5UFEybTl1YlNieHNQcmUyS3dyenppYStKMzY2eU5Xb1hiWTdnWGswTTVNR2lSS1MwdkpidjZRQTBSdUxqcEZIcU5MWWUrdmNBM1BMRkVoZytOdkU2aG0vMEFjTHRKU2lhMHRGWFBQUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1945
content-length
541
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2289 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 31 Aug 2021 01:05:20 GMT
expires
Wed, 31 Aug 2022 01:05:20 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8442 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ea5274cd7904a50beb2ca8615db81748606aa77be6b70443e4df3c6348ec082
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RkqkQN7gZDFcLmtcIyiDDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sanook.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.sanook.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 31 Aug 2021 02:57:54 GMT
date
Tue, 31 Aug 2021 02:57:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-RkqkQN7gZDFcLmtcIyiDDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
pagead2.googlesyndication.com/bg/ Frame 2289 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 21:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13187
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 21:02:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=1819461917466331&bg=!rK-lr-vNAAZOkH6FTpA7ACkAdvg8Wv93xL_r7b1ET_EPHpNbI7P-B5Ty6QST6PYqHw67ozV4ZhsADQIAAABlUgAAAApoAQcKANMncJOmUVB3ZbYq5toqvd3n4PPcvAGFsiFgMWyBhTXyMn-yrS8kldKZ10Wga_IcltQ_V0LjpBrMt09r-N6pxZ_bDRaHTmNmmBuxG-SGo0HEu0cJP0WBNgwvOV2rP4TjaZHETVWEdEDXoe9pGdUm79gfgd9-lkpsgi-AKwq0JONt1vDCVWSOxCAeST0HnEoyr5agMdpJJa8WfLb2-3nFJ3oFqXd0vVD9y3nrgDcXQPKrWHI1CCLyycXMnHeRfM9Y58cypmOvNwFW1KDJr8JcT2ennOmOmQKDcQm_XGZbLNWHcCpDRFGorJyz6polBdXg8OaHb9kFSMkAYZA-yRSMjqGpacEWJIdzwrazJ8IdNmVpYIACcaNZSMo-GYu_trFBmYjdSBa65UpM-un9eaaT5Lj9ehiotbDa55hPWOrqFzfJkwl1OW8O8BPsj-GtJI-V5ZtoEpAoSk_JIOAo30SBZLU6lVdCgxRkImMrs6jeVosLJniIf3iy6Hytz7iqds-3YKM8XF-tor-1_g7pOpgNUZ0KutHWCL_ecv8Xt-P_mBQ3bX-Y4vB63CmSOVNtUDoyB3nGbUHrmhLb1NgQxBKNcAZef6JDj8s1dDs1q3Tiy6LxQaTF1m-iEPLwyQHkBVKgQa9N1IbWHgDzWJPv8b1Fd4Ndl6-1BjoFS_DEnGPtWQDfbhcI7SM6he4uRjHz_4pqN1qMxj4V16fmwI6GRhy3eSMw-tp4B5uRH6YtlAAk1I7eNPyHS1ZY5DiduyQhr8Ozv7aFF0gzfDDATOhGuNTn2Anx4UURWB6HvgbkFaeGdU9oe1ciHEToNQR2IR9zS41og_CyuslZyAfMgnOZFZc2cw_0PHirxKPlGN0rAG3KxzL02H02CvBNPLZy1iBepV2fEEyVKiOhVSebd9qw7oMdu2HoXVConTtZn4stMJNvkd7i94TsHIX2wfUXbhRH56wjkb2ohjhZIYAFRUPpDrfyI_p0c59MhbNRyLE2fx8Wp9tz6cm_rBy7dPI2fiIRWjIHlCEbV6koT6zA-f125f7r7IZoBlOjXbVMuJmGoOGoBEwAmktqZv1FymJqiwfzhEA5HyIiYAJpBtldKIci3kUsn0UkO0XIZG8xMBwLgsxxOETUvsOlQSk672R2ew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
jquery-1.8.3.min.js
s.isanook.com/sh/0/js/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 04:02:48 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 18 Sep 2013 06:11:51 GMT
server
Lego Server
age
301
etag
"52394427-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
16179877664807968834
accept-ranges
bytes
content-length
33479
expires
Thu, 23 Sep 2021 04:02:48 GMT
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4ODkvMzFhdWcuanBn.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE4ODkvMzFhdWcuanBn.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
297034e4fc4bc86e8b391c05b5b01c03bdd551ace36b4ccc8aa29e3a3da53589

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 01:11:54 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
8874323551610287270
accept-ranges
bytes
content-length
36617
expires
Thu, 30 Sep 2021 01:11:54 GMT
sanook-notification.1.0.3.min.js
s.isanook.com/no/1/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sr/0/_next/static/chunks/296c2f46e05a3698b69e11aff904f199bbae8293.917adce89b0ea44db467.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 00:33:12 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
last-modified
Tue, 08 Oct 2019 09:05:20 GMT
server
Lego Server
age
0
etag
W/"5d9c5150-842"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
17599209671792088904
accept-ranges
bytes
content-length
1054
expires
Fri, 24 Sep 2021 00:33:12 GMT
sanook-notification-v1.017b.css
s.isanook.com/sh/0/cs/ 		3 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/sh/0/cs/sanook-notification-v1.017b.css
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/sh/0/js/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 01:07:25 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
3433
server
Lego Server
age
0
etag
W/"5d9c5105-d69"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-nws-log-uuid
13632363741305314216
accept-ranges
bytes
content-length
825
expires
Tue, 28 Sep 2021 01:07:25 GMT
socket.io.min.1.0.js
s.isanook.com/no/1/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.isanook.com/no/1/js/socket.io.min.1.0.js
Requested by
Host: s.isanook.com
URL: https://s.isanook.com/no/1/js/sanook-notification.1.0.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 16:34:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-original-content-length
43330
server
Lego Server
age
0
etag
W/"52393b2d-a942"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
5667118553788929349
accept-ranges
bytes
content-length
13513
expires
Mon, 27 Sep 2021 16:34:30 GMT
dc_oe=ChMI7IGk6qHa8gIV1RaLCh1U1AJhEAAYACD5vppJQhMI9_P36aHa8gIVzIp3Ch1J5AHD;met=1;&timestamp=1630378677715;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 204E 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7IGk6qHa8gIV1RaLCh1U1AJhEAAYACD5vppJQhMI9_P36aHa8gIVzIp3Ch1J5AHD;met=1;&timestamp=1630378677715;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIkuCh6qHa8gIVMeS7CB1wMw3XEAAYACD17ZBJQhMIk5L46aHa8gIVGbZ3Ch3-OgwH;met=1;&timestamp=1630378677717;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 598E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkuCh6qHa8gIVMeS7CB1wMw3XEAAYACD17ZBJQhMIk5L46aHa8gIVGbZ3Ch3-OgwH;met=1;&timestamp=1630378677717;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2YKj6qHa8gIVmMF3Ch2A1ANGEAAYACDY6JBJQhMIgM396aHa8gIVR_53Ch2JSA_R;met=1;&timestamp=1630378678125;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C101 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2YKj6qHa8gIVmMF3Ch2A1ANGEAAYACDY6JBJQhMIgM396aHa8gIVR_53Ch2JSA_R;met=1;&timestamp=1630378678125;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:57:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
notification.sanook.com/socket.io/1/ 		71 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.sanook.com:8403/socket.io/1/?t=1630378681581
Requested by
Host: www.sanook.com
URL: https://www.sanook.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
203.151.133.54 Bangkok, Thailand, ASN4618 (INET-TH-AS Internet Thailand Company Limited, TH),
Reverse DNS
54.134.151.203.sta.inet.co.th
Software
/
Resource Hash
5d42a55971206aa380d7b4e0331bb42f1b5385eea4ed92b6110c0459405349a7

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.sanook.com
Date
Tue, 31 Aug 2021 02:58:02 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MjUvMS5qcGc=.jpg
s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.isanook.com/fi/0/rp/rc/w535h321/ya0xa0m1w0/aHR0cHM6Ly9zLmlzYW5vb2suY29tL2ZpLzAvZnAvMzIwLzE2MDE5MjUvMS5qcGc=.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.91.221.32 Bangkok, Thailand, ASN38082 (IIT-TIG-AS-AP True International Gateway Co., Ltd., TH),
Reverse DNS
61-91-221-32.static.asianet.co.th
Software
Lego Server /
Resource Hash
873c02bdc7f74e4e47dc9469cad36185102d2bf7a4732cab22c99dad1bc0e67b

Request headers

Referer
https://www.sanook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 02:35:40 GMT
x-cache-lookup
Cache Hit, Hit From Inner Cluster
server
Lego Server
age
0
etag
W/"PSA-5NiKnzBlQ1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-nws-log-uuid
6688677188194176063
accept-ranges
bytes
content-length
27598
expires
Thu, 30 Sep 2021 02:35:40 GMT
dc_oe=ChMI7IGk6qHa8gIV1RaLCh1U1AJhEAAYACD5vppJQhMI9_P36aHa8gIVzIp3Ch1J5AHD;met=1;&timestamp=1630378687713;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 204E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7IGk6qHa8gIV1RaLCh1U1AJhEAAYACD5vppJQhMI9_P36aHa8gIVzIp3Ch1J5AHD;met=1;&timestamp=1630378687713;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIkuCh6qHa8gIVMeS7CB1wMw3XEAAYACD17ZBJQhMIk5L46aHa8gIVGbZ3Ch3-OgwH;met=1;&timestamp=1630378687717;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 598E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkuCh6qHa8gIVMeS7CB1wMw3XEAAYACD17ZBJQhMIk5L46aHa8gIVGbZ3Ch3-OgwH;met=1;&timestamp=1630378687717;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2YKj6qHa8gIVmMF3Ch2A1ANGEAAYACDY6JBJQhMIgM396aHa8gIVR_53Ch2JSA_R;met=1;&timestamp=1630378688125;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame C101 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2YKj6qHa8gIVmMF3Ch2A1ANGEAAYACDY6JBJQhMIgM396aHa8gIVR_53Ch2JSA_R;met=1;&timestamp=1630378688125;eid1=2;ecn1=0;etm1=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:58:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p3.isanook.com
URL
https://p3.isanook.com/sh/0/di/ac/vl/spacer.gif
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/6gKGIMOXYYAaEt2loOPE_y5Y_PepjaUwyzoGEOWjQQI.js
Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEE4lhVBTOIfMn8UWQ_2yHHI&google_cver=1&google_push=AYg5qPJsBRSk9xuVncxUPD0ARezIsOXgBnpjo7wuin8BJA7FEDBiNi78zWyoXjVOSFFLkq7y0fpxRrzVowffl2WRVd7JbegmXN4w
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHjINAM3iuWXTc_Jyf3vSsEPSarCQf9O2vg_fBt51TfRlR7-1dfdRLp0Aco58aGHk731yh7VXiww-oDQLcVxLTKzWPweiw-AkvwwQIS6kCo2Pn3Duj&sig=Cg0ArKJSzADzlxQ0r6c7EAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=345054422&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630378665931&rpt=1008&isd=0&lsd=0&r=u&ec=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu20C7CqGZKyWFGLU2VQ3m_CZkS7_PIDsvy4oLgaQZlBD2K9w6NJ_S4-K8W75Mj2eVJUHpFUP4M1SSwHdPSE3c1xvz4MV4n3zGK5EbGN8R7hqunu62J&sig=Cg0ArKJSzBBVhL0AtrQCEAE&id=lidartos&mcvt=0&p=0,0,0,0&asp=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=1033481451&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=3&eosm=0&rst=1630378666786&rpt=149&isd=0&lsd=0&r=u&ec=0

Verdicts & Comments Add Verdict or Comment

483 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| objGTMInitialValue object| smiData boolean| GTMFirstLoad object| dataLayer function| getPage boolean| THFirstLoad string| page string| SanookAnalyticsObject function| snSAL object| m function| fbq function| _fbq object| NREUM object| newrelic function| __nr_require string| deviceOS object| _izq object| criteo_pubtag object| criteo_pubtag_112 object| Criteo object| Criteo_112 string| hash string| turlnameindex string| _hsv string| _ht string| _ctg string| _hc number| __thflag undefined| stat_frm string| truehitsurl object| tga number| VisitorT number| onSeconds string| p_cookie function| getLogonTime function| getLogoffTime function| path_cookie function| logon_getcookie function| Tracker function| _rdId function| _toHex function| _gsc function| _Flv function| _Hash function| _ref function| collector function| th_ajax_tracker function| domain_cmp string| __th_page string| udf string| arg string| _narg string| rf string| truehitsurl_top object| th_img object| th_link object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| PWT object| googletag object| google_optimize function| _UA-8147095-6_sendHitTask function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT string| partnerName string| key function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| webpackJsonp object| _comscore object| innityDataLayer object| __NEXT_P object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB function| __NEXT_PRELOADREADY object| next object| __BUILD_MANIFEST function| udm_ object| ns_p object| COMSCORE object| container undefined| _izAlt object| izConfig function| _izooto boolean| isLottoContent object| __consolidated_events_handlers__ boolean| snBillboardPlaceholder object| _taboola string| DataCollectionObject function| datCol object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| innitytagmgr boolean| bG57b51f2f1c51b15b6d1e8553 object| _innityq object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| billboardRefreshList string| Oe string| Ce string| Ae string| Te string| Ee string| Le string| Ie string| Pe string| Ve string| Me string| Ne string| De string| Re string| He string| Be function| Fe function| $e object| qe function| ze function| Ge function| Xe function| We function| Ue function| Ke boolean| Ze function| Je function| Ye function| Qe function| tn function| en function| nn function| rn function| an function| on object| sn object| cn function| un object| saplugins object| saGlobal boolean| bG5f47736a47e7049801000002 object| _innity_wtl object| _innityoq object| V object| _iampt number| dz function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxIframes object| ampInaboxPendingMessages string| Ct string| At string| cd35 string| cd36 number| time_interval number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult function| calcTime undefined| width undefined| height object| block_url number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size30016status number| size30017status number| size30018status number| size30019status number| size30020status number| size30021status number| size30022status number| size30023status number| size30024status number| size30025status number| size30026status number| size30027status number| size30028status number| size30029status number| size30030status number| size30031status number| size30032status number| size30033status number| size30034status number| size30035status number| size30036status number| size30037status number| size30038status number| size30039status number| size30040status number| size30041status number| size30042status number| size30043status number| size30044status number| size30045status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size6006status number| size6007status number| size6008status number| size60010status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size7286status number| size7287status number| size7288status number| size7289status number| size72810status number| size72811status number| size72812status number| size72813status number| size72814status number| size72815status number| size72816status number| size72817status number| size72818status number| size72819status number| size72820status number| size72821status number| size72822status number| size72823status number| size72824status number| size72825status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9706status number| size9707status number| size9708status number| size9709status number| size97010status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size9702506status number| size9702507status number| size9702508status number| size9702509status number| size97025010status number| size1201status number| size1202status number| size1203status number| size1204status number| size1205status number| size1206status number| size1601status number| size1602status number| size1603status number| size1604status number| size1605status number| size1606status number| size1607status number| size1608status number| size1609status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size3206status number| size3207status number| size3208status number| size3209status number| size32010status number| size32011status number| size32012status number| size32013status number| size32014status number| size32015status number| size32016status number| size32017status number| size32018status number| size32019status number| size32020status number| size32021status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size1006status number| size1007status number| size1008status number| size1009status number| size10010status number| size4681status number| size4682status number| size4683status number| size4684status object| label_adapter object| machine_rules function| isInteger number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy function| myTimer number| myVar function| isVisible number| randomval1 number| network1 number| network2 number| percent1 number| namemc function| bidadjust1 number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| pbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop function| andbeyonddisps function| addListenerMulti boolean| idleStates object| idleTimers object| block_domain_creative string| pathurl12 number| geoindiablock function| callbackand0 function| $ function| jQuery object| adloox_pubint object| ignore number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivergptuniversalb2 number| activergptuniversalb2 number| time_refreshunitrgptuniversalb2 number| nextnumberrgptuniversalb2 number| newflag number| diff number| flagnewone number| passivergptbillboard5 number| activergptbillboard5 number| time_refreshunitrgptbillboard5 number| nextnumberrgptbillboard5 number| passivergptSkyscraper3 number| activergptSkyscraper3 number| time_refreshunitrgptSkyscraper3 number| nextnumberrgptSkyscraper3 number| passivergptreca7 number| activergptreca7 number| time_refreshunitrgptreca7 number| nextnumberrgptreca7 number| passivergptrecb4 number| activergptrecb4 number| time_refreshunitrgptrecb4 number| nextnumberrgptrecb4 number| passivergptnative16 number| activergptnative16 number| time_refreshunitrgptnative16 number| nextnumberrgptnative16 object| GoogleGcLKhOms object| google_image_requests object| SanookNotification object| io boolean| WEB_SOCKET_DISABLE_AUTO_INITIALIZATION

0 Cookies

39 Console Messages

Source Level URL
Text
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_pb" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Cannot find targeting attribute "crt_bidid" for "/4899711/www.sanook/desktop/all/indexpage/reca".
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log URL: https://ads.pubmatic.com/AdServer/js/pwt/155976/781/pwt.js(Line 1)
Message:
Calling handler function
console-api log (Line 17564)
Message:
Country1CH
console-api log URL: https://s0.2mdn.net/10855819/1624624602133/35-IWE-GenesisCH_PH1-Billboard-970x250-ServiceMaleGV80_02/main.js(Line 32)
Message:
4.25
console-api log URL: https://s0.2mdn.net/10855819/1624624583265/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-FemaleGV80_GPA/main.js(Line 32)
Message:
3.75
console-api log URL: https://s0.2mdn.net/10855819/1624624585755/27-NZZ-GenesisCH_PH1-MobileMrec-300x250-ServiceMaleGV80/main.js(Line 32)
Message:
3.75

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b076f7b33253c1d0d8776eeeec77b35.safeframe.googlesyndication.com
8e3da99a142afa20fbecdd994de0358e.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
api.u1sf.com
avd.innity.com
avd.innity.net
b1sync.zemanta.com
bam.nr-data.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
casale-match.dotomi.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
code.nytive.com
connect.facebook.net
d5p.de17a.com
dc.sanook.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.sanook.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img-as.fsanook.com
js-agent.newrelic.com
js-sec.indexww.com
lvs2.truehits.in.th
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
notification.sanook.com
p.adlooxtracking.com
p3.isanook.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb-eu.andbeyond.media
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.isanook.com
s0.2mdn.net
sal.isanook.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
st.yengo.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
t.pubmatic.com
tencentth-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
um.wbtrk.net
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.sanook.com
x.bidswitch.net
p3.isanook.com
pagead2.googlesyndication.com
um.wbtrk.net
101.33.11.45
101.33.11.88
104.103.92.43
104.108.144.200
104.108.144.214
104.108.145.8
119.81.216.16
13.224.93.76
142.250.184.194
142.250.185.130
142.250.185.226
142.250.185.66
150.109.91.55
151.101.13.27
151.101.14.49
159.65.197.210
162.247.242.21
169.50.137.190
172.217.16.130
173.231.180.197
174.137.133.49
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.156.68.186
18.233.75.25
185.29.134.244
185.33.220.244
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.226
185.64.190.80
185.86.137.131
192.132.33.46
193.0.160.128
198.148.27.140
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
203.151.130.71
203.151.133.5
203.151.133.54
203.151.133.6
213.155.156.167
213.19.162.61
23.106.253.167
23.209.68.8
2606:4700:10::6816:1857
2606:4700::6810:125e
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2006
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2040
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.125.99.7
34.107.231.31
34.193.59.132
34.249.175.116
34.96.105.8
34.98.64.218
35.157.53.20
35.190.0.66
35.244.174.68
37.157.3.29
51.75.146.200
51.79.83.225
52.209.129.133
52.30.14.23
52.30.92.119
52.46.130.91
52.86.210.192
54.171.219.200
54.209.33.59
61.91.221.32
61.91.93.188
64.202.112.31
66.155.71.25
69.173.144.138
69.173.144.139
76.223.111.131
77.245.57.78
85.114.159.93
88.221.7.65
91.228.74.133
92.122.26.214
019ed424bb2625ab248108e111db35fa2da95fcb6835d22ced14c76d8bc46009
021dc856412f5a7b910ef0137fb3261caf88fb2689ee62b23842aff63204c133
02729899e910c0a0a5fe129ddf1906312da5be7e415b1b2272d216385759b0a8
02fa27e8e6261363e94334173b181f28171a7a408cb675bb6afbdcc4171d2769
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0464387ee82b37e9d2fe2be926c1e42e5a05acf1bf319cbed950509071f16e8f
076d24cbdcf9e0597833fef55d3dca79e6b5fd281e45d85957bea5925473bc6c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf97815cdc9239734a88f22aef7a83c4346401c468e8b790515fab48f5c58a9
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d98f7c47aa7136f264d8ca69558ac9a99357614f68c99df2c77b67188a51b2c
0e2562b7d649b68d058c075e9b1c9cd4b9b33423967df4ac57d9e28197175f81
10b0fce30e085e2132b1450112e66746b7910bf04d62908e3927d00f4953077b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1249d551ebe5ad030b7220b92d2583d482b6a4cd0ea33a4a0ee8456118ae4990
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140582e47785a6324e4440adcd51bc14005892d083eff72f66265b568db5933b
146749d9b86903f6c1fcbfecd5cf7e74ceb111f0d39951b5c90e99cf28d86b7e
15965cd01af1305315401fe00980e1e2a44c19f3321b3107880fb18a92585821
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
180425af28d98940d88774e896fe688dcb33b41df94ac547989b4d41d6925f5c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19dd274fc2f8319a727f0c14e7a80d27c5f9eeec3bd06169be4155fa9d6ae377
1ee95fab5b193f1aefa0f7c0fa8bb2778c90e1935389c5a9cfef8927497e77b1
1f3a1c6c709557abdb6d89dab8b86d8f9a5db9961647ec29dbce164c127031db
202c62154b85f60edb1b14a28a22e83e5a87f97f2c5f8567590cedea75a0cd78
26bd871d831ffb51a378bc72b7d060f1097fa1cb699ad58e84f4f1e31e8c465e
27f6c0723a8c90ef39d2894d0058897f4d95586c19b78567a5fd374f76540756
28bed26bca6f7b3086dbb2fa4de9654411a039ce2e7b163da3e3211e9b4d3651
297034e4fc4bc86e8b391c05b5b01c03bdd551ace36b4ccc8aa29e3a3da53589
2a3fd4a32e1cb9eb6937974e50de565da5b8aee63c7fa202b947dfc741466eb1
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c3140b46d7335d89224e60f1e12d6257851eb8b99bf4d9e72adbbd564ffb797
2c3282f6361e85f669bc3d248b8693c53dd22f8f06488c99beb57258e6e00f87
2c5306a77509c297d3639e90a840f4fa8cb467c628aed90870545690a2cd081d
2c79f136100e03e374abca6bf96bc12d475dd26b8fa5ba73503ed84b2afbbc27
2ce8d485a178a8068cce921e915cbd68e389b2caa4453a6dd3c7bf401fd0df57
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2ffd4b4a9a876c813d8482f3d9f5ea545a4b8eaa65bfa4593ebffc27ba10ab
2e584655c42356a89cf3ec1059cdd6ce82362711d2c016315e7ee86ddea8c672
31bd8f1d5a0f3fce868b971c7f52603de284a7efe3693a5fdc2f019ab20d965a
3742d5b28f7d0667a9e788a9a6867410194c116b62d93bcd6d256dad386189ad
3750dc9190c5f0f2190e1982999c45a5a64f76be5281139538e2a370a9344b6f
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
3d547ef0601715a017405bb2dfeb08267e73b4dbac9fcf9c5774dd10c38c1510
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40fa175491776aaf45eb26574cdb34ca6432219dab4d20fe5b3ec93577acda26
4187ccd35c686f7ee17981362e555d34ecc96f835790ffd0d18bc9383f642f6f
4250a5d715c7b1d241076b9ca29f66d5fed35c68395d1c7f0be6662437eef3fc
436fb2a07d97b6149d0f8f57dc1a962eda55f409157e3450f075f7157d7816a7
43c706b57a501d766c69324658fffe4a4a5ed84bdadb1fecc639ee2892cbc4f7
44a8550a5891e70e072fe307ff01f77c94c89a120117c7aaa82e5e9ac2860436
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e320d7c30bc19b24457e150841c53bedb6b51acc3e792ad0f2a31e3951475e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6517a830207b1c158d471121e399fc3cd7246fabb8ce47390675917b4e17d5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9e2d9cb3a553b04a4f89fa2b40485c31e04dcc0516589f7c1fb9f87a3435c1
4dd109e5b71823810abf407ad41458584d4066b2d038d1c80f2a40732d068e7f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed603a10ee80d79ada66fddaa5fa8eff203e3000608353de6c8497ceb3e7631
4f256d12de75913a1c9f9d402e145dfde8cdf1d8b219d28c7c2fb82aa189e46e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fae7771c6196aa9af014cafb8b988bac37eaf12e6b50780bcfe3923a7be6f16
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
546540b404881d7294e0a9e09c2804240136aaf660471a80b9d6ad9eba4a86ef
556b54759c6cef79505607ce76cb1b45c1ea663582f337599d7c602b46e70a0c
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56f36534c63fc42b782437937dd71f47ee3fdcdfaa70f1483533ff44c5fde84a
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
59744294205dbaa28a352be3d981d01fad1ffbb0541619f790f5c2325513e13d
5983d8d70fef3d5b1bd8f959351ee514557d58caf587777af8db3bc8844fc6c8
5a44bb0da76356746f2a4720dbdcb4c385e865b5a009f76fb252960532ccad17
5b0a1c9fa55b83f6c2baabc1ff99f48a43294126d03299226c166fb461520305
5c504972d88eab944e441a523cc7be0b4971c917e062c2945b7985e32a40d330
5d42a55971206aa380d7b4e0331bb42f1b5385eea4ed92b6110c0459405349a7
60e0721a3cdf94041a9615341592e4bbf44a51c075e1b14b0d1fe90613f15777
616d170a503f4e7a668bb4b6ccd21cb926059c5c2d0bac657ffbc09f25c0cdb5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62a73f1956665bbc0abb8d399d9f1e16ba4a0b6a9a98526c1cbf7f7d0ae7d388
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
62d8d67fa30964811cfbe1465848a0b0a0436e43d90ff3c330a3ce998d521cc6
635664c62c16fe2ab1476757c43e3018ca1a14e8f83dbad2ca843c08a0ec8898
64f55f3c746a8be7700cefa5766b912e686840b8d58b8c5f31b01fbbb861ff52
652c658744ae19c5d339857c6f5c63171790ffebd88e004304420de09bf859aa
65a2c51a124c9c70ba2658a101e28c00535c64651897577b2ed90693e9aeabd4
65d92e36ac9a058f660398ed713dda9b407854b01e659fe29508f8548f9eb479
683919f7aaba7013ff0166ff39a21ccc1eb71ee0b85a3b449ead469bfe2b0eb8
6981b6361b8b1e8f328b56a811a4f21fc0faef7fd9a1fd1de7f7d735712577bb
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4bba15892a49e00bdfa9197ad03c766040c5d6545da3511b405015a4184f2b
6c566d610177d2a237a3dabd1e256faa9e141b816a37ede338d2328a680757ea
6ea5274cd7904a50beb2ca8615db81748606aa77be6b70443e4df3c6348ec082
7039a31cabdf37972bc95cdd885b69560a1a9353d063d1372d7c8407e846452d
70888bd52108ee4384de6a79bcc2395b7a594f1f3733d2ce04d4b6899e1c28fc
70c43dce4a0660213c91932e6b1b2c2a4370402bdbf51206a877d0b8d92312e2
73852526b4a43c4eaca5dd41bd2fdd0e76592b81d3a0d0d4b1260b3738285f43
74122d6bed0fd8d76af426f4643a54866d666807a69255ac875e5303b6742fed
78279f887bda9593fd3bafa8f13c41f381804ff9a9a739001564a6c000da2f26
7897bc9a4066b2205e3c1ded3a9abebeccdceac176a7caccf3ca3655a3a65a4e
789d1330ad94e742ece74db2e248347186ff8db4d57571c14149c636b53f6580
79e294a7071dc71eebe41f088919fd137441a80f5ba5bd2765b978726ec5ee9d
7abed7595ebbe4b9e6ed39844913ad19b128ec63452e36f55c51ef027d829bb4
7c97733cfcb2cf9c407d64412fa84f3204bd2f7148b0c9dac79153e00e0d808f
7d1e4a5c70c6d44d81ffdcda7e780e82b161181b9bf77345021ccbf3039b0e0c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f90dcd0fba90d90c2bb4b845ecacdfb21873fef07fc57d931fce0a5a43f4a40
8222a809127ce20f5200964cdc7f58c4fc9b386f0cb0591df90a4f10ff6e2011
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fafd02baa879d317f079c9d42e75653fd4966f3851732ff2785a75c3d30715
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852b86933d326a3c493f7f57ea4f3933167223b7bdfd37f3ee82523be4cd731e
86128b9ba700cc30d262ef818d0b1abbf894cac03dc67b1cd5b191363ba9c265
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
873c02bdc7f74e4e47dc9469cad36185102d2bf7a4732cab22c99dad1bc0e67b
87457a622ea97b393a3fc6c5924456324d339fac6853d24c1fba583226f99324
88ca13a1824d18666d986dceab4109c1049526a881b6d720e5a5e643f62ddb3c
899716bfc400834bce5f3eb44c40592045258adb4e2e2007ca29db21a9d3391e
8ca84095025b024952aee1f4000a3ffa5dd0321987688526f57d926d90d179ba
8d33fc9d897a6cb58f1f0d9cc394e70adbb8a1fa6064fa246d6d913047583330
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9ca9a070463bcbe29e90af7f3b2aff78adce09eb1481d5b261af72ef998f28
8f24bc39b121cdd2004a305481b02eee62f616f8ba1bdcd354e0147560c47311
8f3c9fae9b303fb34d7fc193dc9a2307b50dcd43afb767094604a5c48534af41
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
92c943740882d5358be2d836a205ffcf75b8886b0e17fd33356be6d5712d9f8e
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98aee6ffed92f43d697845c103d37e575ddfaf8db5db86869ef6abc42c60857f
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9a59c5e5bf506c979d9baf8521375edc46c510007ea428f877717bdf90a81528
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1871a52c377b6ff44b2c86e0e0a7620654212ee38f10bbd1364b80a7ed34b7
9c72aa303d5b14f0eb7289690ebe463b67448d7e61538a442d425e5a11de492b
9d91412f3838ae54c49111850d6eba640acc2cc438202cf1ee73bce728600ad0
a1a9de5eac74e095af7e42b62dffd46475355dce7394be19aabdb25bec786087
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f3aaff98cef996a5a71b9f0de8750194f863f78c75371eeb6f88b9c4773d24
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dd6d1a338ee6666d4479f8a436bca06fb273c809c21e94f1da92cc0ca4ce06
a531318f14411b60f76e9f1ff557a0624d3d4ae4fabca14fdde110389dcfbcad
a5903995800a43b2a2677fd1c38adfa9578d5b93a97dc7f8f0cb730e9e5b1cf9
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7a9e1dd7e6c7d5e3fa41ef5ff9c1fd12e0067c2b2875e6eb79a7bc6433658b
ac0d14d8b4a66299b3a84068fc5447d86121c033e665a51bbd3fb23938e00d3f
ad0f0dd6d6e29b33f279524d57d46471b63cf0bfd85001b585afe6b6eefc642b
add959e269a4562dd13010ed646398d5a6156e11db1886292b5eee313b4fb373
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f3544a89ea7b5a6a0d9810c8ae513ef68603141231166a5575ff3aa0927a71
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
b9537dcc795dc796d08d19db5335b17122817000e4ec7cc463f944a59176ec3b
b954d75fe18fc4f434d917c09c8074086ccd126e5af3b9103ab2724a0afe9d30
ba6c7f9cfb8c2fe4d00038491b53c40fe52d17e59910c936779a23fa713d5d61
baba37d2723b7fe15feac903de74bfedccd6953a304e4a11b518884189ed63ec
bbf7e93fd90794c3f5b38f89efdcea6cca757326c79d3f3853f82388729f3f26
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
c09778e8a6f52094885727d8c19f5ebad50b297fe9bc09431f2b04505b6c47b3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28df97cbdf3b633b4cdd09616091087a08ce583709edb1788f0109ce4200f4c
c4435a4fde8104837018873f1e1f3d34444619e2d7215c11e9ac3fa66c372d55
c557b75e0f45a56d474eb1d879ffd3793ab94423f54b1dc7ca93f8187bdb0fda
c6b893e809ad60307bde80e3aefa1731f6fb631552fb0cd5cfb15737fe4a297e
c8c555832866fc44c6671f90cf1b7789d180cece706459e225fd64036124ebe1
cd744f73b46242eef6859bc8dd539ad558f38d87d2dd695e22815f4b4b3fa847
cda8e751c232a6ad5c61a5ea42846abf027f3bf7155b91655a6994837f06467f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7a570e79e856bc6758142010ebf9a1574788828a4e61baf0d55a8ce7e7d823
cfa80a0f28b948ff235be2e348a251844306bd8b9e2fc73b563774a997596be8
d04f1633ccda8b6ae69614d710c26496ba47bd5d475c5b002a4c96c6c0c1cf18
d282b4b30237c9c12f3dfdc0eb87274bcc7c140ac33733c663301d54a57e70bd
d2f6fa607839754794318ead9b1a6680c0eb6904008a1eca281700aafe09c229
d3d234c662434057ebd6fe55270a6c0e7b935a5719344e8e71ebe625afd7222a
d407de092cd008466c2e659bc2bf89e54af2a1dd47f22e6f58b281233e9bd317
d56eab97646b7f1c11ee1e5d79be8e1aeacfa2807dc38ca7d37c28bbd4bc2780
d71a2b99a45d83fe742e77777daf8c55fd4d37ace24dc432e293cde0d3205585
d8405abefbd33ff333e343802dcc12751bd42a8f1b6524846420d09176d348ad
d8f33d6c740d94ec1551930b3c80a059580e9187f8f34cbd400af64e8a3e7c0f
db65126c2d025ea469b1b0a7a0c9da110181ff127649a4894ec35a37338ff3db
dcfe0ebd574786d0d0a01eac1c12a0561382486b8cc8777790f94361c3019ba3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2a0913e005539dec873be4241fec4fb354e263c44cc5277be0e6dd6bf98ec86
e2c1c46b95e76e5aa6f3568f5632db433ed8ff053dddb6698f46c6483413a586
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43457f2ee97cc1168c20dac84650b80b94d1ab7e464acfd07e602ac05c9d24d
e60ac48927d19cd0d094b0cf8975002e16ff724daa8c4911d14e722a6cf61c1b
e80226245d66e241b8313f64e1aa60ed6cd0b224142e626d9afbbde80758b044
e85c484f6c89adb2fa384c6a37acb03f6f9f50bd512cf2701c11922de364aef9
e90840ba8e99975dc53b26b16c56c117f267379efe7207981ec3c63fe991efba
e9a7f88990e25e0fd3d4cc931050b9e17f4ac792808d3fcb35babb4a41a9275d
ea028620c39761801a12dda5a0e3c4ff2e58fcf7a98da530cb3a0610e5a34102
ea72489e4dedb4e925a111a877cfbf6ab169d4b29b9d037bec637c670b32df1d
ebbf3a903c50ba2ddaf6c9959a5a371485a5eea7f36e4c96168f48b25c1fa9a5
ec661b5d4dc72d264f577068c594b27ce38d5fe584110dbb4ef92c163e755a69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dbb7ca43641688ff6f07eb498ba9f69e6722a01b789fa2f33d9a5249618efb
f1c0147936795b9e65ec53f600c4088c7f1ff1c7df80e46c9623b188b6bc73a5
f4f18b9c60d7c7fd6bd906a77def5f79450922b924c3de127922428e28efed7d
f5c2cea9fb4541a86979fdf18bb69f11555678d14a9d0b9be1758b65d180553b
f699d58ae53f35ebeaae462110a4f97bb5430753a9b0df8f766aa13db30b398e
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f7499ace47711e1d551810c1f8125288e98509a74f22065442f9c901ca8b18d5
f76ba127a1d68a303774ec473e346f2c66b932b3c884f403e784658ed9f4978b
f97c54cff7247704dab47f5b2cd44b9111d63985f590432f6d3f9bafa690826c
fa67e4211eade7f314c17000572b6b60865098362d87ca5897a11d9b8d01359e
fac1513b7ed40bbc59f0102c2164689e1ff7ce4505d94f74c4b55b9613b1e4c0
fc11c4b0a709faf866afca7038605816b1ef771453695eba9b964217d2c41609
fc29b5106b5b25458f3d8b90c4613be97c66a641ef62017e02691398d5742d3e
fc5d359705d84854b9d91a3e590b31e8202b5930684d90cf46316c996055c947
fcd56118cd1afc04b23cc3a7087467d4c53f759f69db816996b5b97f63364296
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdebd9e66a987b2c6f5edcbf8419624574a0c49d74c5a30e2ce484a76290988e